redline | 45360-288-0x0000000000330000-0x00000000003E8000-memory[.]dmp | Triage

Sharing

General

Target

45360-288-0x0000000000330000-0x00000000003E8000-memory.dmp
Size

736KB
MD5

4594ccb1dc203a1c168af413fca15793
SHA1

283e237cb85475ec081ab92a90ae0b9099050abd
SHA256

9238d2e4be2c50631eb7629d869a55d53a014c0ec32a5600ed198a90604e2f5f
SHA512

4ba9b9659626f0c5c407084bd0230e2d3bbbf644d809a90ee31c6204d3eade455ef450bba9646aa648c26c50844852cb83f9788fd0c424d1baded9a342433fb4
SSDEEP

12288:PgiHakrt+oMmogB8InwHtn3Eid6LEb/Xg0EWUxmIunPHlNYGM87+jtb4pF:PgiHHrt+oMmDiEisLG/XgtWtYG1Eb4z

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

45360-288-0x0000000000330000-0x00000000003E8000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ