redline | 17ebdf23b6e531bd51e021a441b934b2[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

17ebdf23b6...b2.exe

windows7-x64

17ebdf23b6...b2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

@sem_o_o redline

1 signatures

Behavioral task

behavioral1

Sample

17ebdf23b6e531bd51e021a441b934b2.exe

Resource

win7-20220901-en

redline @sem_o_o discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

17ebdf23b6e531bd51e021a441b934b2.exe

Resource

win10v2004-20220901-en

redline @sem_o_o discovery infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

General

Target

17ebdf23b6e531bd51e021a441b934b2.exe
Size

89KB
MD5

17ebdf23b6e531bd51e021a441b934b2
SHA1

8261834977e8c89b2620cd96c43fad8f1682736b
SHA256

eaa6e23bcca1050ddcc915b2f1a3bfd5fbf5e3471e67a3e5549098b2cd23c8e3
SHA512

f242599b378791b1d63c97275ef2c5accff5760275abf13b4491df6e274c46f71f297870eccd55a064d198092478594580768db5298eacb4271026a3cb525243
SSDEEP

1536:EQJw9MxWK4hgZ5ZXEnYb60HfHyYd9uOVTcwMbr++dAaWO+5aJVYbsa4eGZE:5JUgXZAYLyxAaWO+5sVYbsJeP

Score

10^/10

@sem_o_o redline

Malware Config

Extracted

Family

redline

Botnet

@sem_o_o

C2

79.137.192.32:43204

Attributes

auth_value
3418e2414607c77ee0c5ca9331958d79

Signatures

Redline family
redline

Files

17ebdf23b6e531bd51e021a441b934b2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy