redline | 49c9d33cfdfa34bdfb3e63dbfff241d24a3935d6ed86a2e2a0321dac62d1b1bd | Triage

Submit
Reports

Overview

overview

Static

static

49c9d33cfd...bd.exe

windows7-x64

49c9d33cfd...bd.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

lyla.05.09 redline

1 signatures

Behavioral task

behavioral1

Sample

49c9d33cfdfa34bdfb3e63dbfff241d24a3935d6ed86a2e2a0321dac62d1b1bd.exe

Resource

win7-20220812-en

redline lyla.05.09 discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

49c9d33cfdfa34bdfb3e63dbfff241d24a3935d6ed86a2e2a0321dac62d1b1bd.exe

Resource

win10v2004-20220812-en

redline lyla.05.09 discovery infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

General

Target

49c9d33cfdfa34bdfb3e63dbfff241d24a3935d6ed86a2e2a0321dac62d1b1bd
Size

90KB
MD5

eb0b37549e8cb7c1d4e531bd254070d1
SHA1

908fbae1ebc9558915da0e834f0a4eebec50f993
SHA256

49c9d33cfdfa34bdfb3e63dbfff241d24a3935d6ed86a2e2a0321dac62d1b1bd
SHA512

197897b393249f36f2e36c365ff5228bb1008a9bf3e4c351350faacfb0c61cacb5c00e365efa9203559aa8c1166070334abe72e26d23f3767d1d6fd972305b6f
SSDEEP

1536:5PqUPY5AyWjddJg3ZD+bDZJm6WDNWDN5ND2DNOiutjyCYDN1eveDNPlUJ7WvsAdf:Ar+q6Tex2iE519ELADbK6Id

Score

10^/10

lyla.05.09 redline

Malware Config

Extracted

Family

redline

Botnet

Lyla.05.09

C2

185.215.113.216:21921

Attributes

auth_value
4c741afc1c05b4214ca1681cc6b417da

Signatures

Redline family
redline

Files

49c9d33cfdfa34bdfb3e63dbfff241d24a3935d6ed86a2e2a0321dac62d1b1bd
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy