redl-stealer[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

redl-stealer.zip
Size

1.2MB
MD5

738ab0d6a15f420930ad4e8350fa6510
SHA1

410cf4a2e360f6e72d9eedaca2b3d4594d3c010e
SHA256

4fec3b10aa41beeeb09e23934d8cb912161c73a9eb610ac0eb7363497b8dc2c1
SHA512

82bc8387a361c48a2ae74cdb56d99fc8a8175be7c0337598cb7d9006ce8c7b128076e8d687c28bbf9eac934e68855a1f2a5b14a013a1d6cb524cf2d5a2b366c0
SSDEEP

24576:wbtrW29Nfv3rCxz+bXanIoIneGqIjJzyYtsS64S9kLRQa3lsAjA2:w029NX3rpbXctFGBjJnsn4SCl3C2

Score

N/A

Malware Config

Signatures

Files

redl-stealer.zip
.zip

Password: infected
6fd2101ef8a9c57ae97eabf68eeac3ce6ae3bef8f6641185157fc224bca556e9.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ