redline | 17080-279-0x0000000000560000-0x0000000000618000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17080-279-0x0000000000560000-0x0000000000618000-memory.dmp
Size

736KB
MD5

96436be7919082cf1e3a7463804d6892
SHA1

550f5946a2a90dfa1cb3e25825ac835f83ef61c3
SHA256

a92bcb34a4aee6813695475e5a31bf8253930b4664b971564ea05adb869ebb96
SHA512

94da6f5127b557c8773edc41762659d5392e6bd30af103092ec138856a925075139c6b9f421c86d60dda91592a3858194eb6c630bd831845e13e385534ad00e4
SSDEEP

12288:M/95AK5pI8y1yTzdYXvtXGDyEiDgtn8d0f0zhYoTvuYitnZpYGM87+jUbcpF:M/95A2pI8y1yPeEiEt8d0fSHiYG1Vbcz

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

17080-279-0x0000000000560000-0x0000000000618000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ