redline | 840b613e2b9d25d067a9afdf289248fc[.]exe | Triage

Sharing

General

Target

840b613e2b9d25d067a9afdf289248fc.exe
Size

2.5MB
MD5

076251498013ac93eac4baf4affa043d
SHA1

c0c2c30a80b6f124b2727cacf31bb381c8145856
SHA256

e4c098b4db22b453a8282229d5f75012e62a53b8f231c4c6c92772bd13d72617
SHA512

326468e60f5278487fd4cff49284f076ae953d310252956112c8fb59b2be53bda33cf93919dcb44ee061c0b124cfc6d41e3b6cbe257985d8986b34107ddb19bd
SSDEEP

49152:qMcwctc47V4ruEIfnrzaxBhWl+aXAczlk2J3Y2pQte:eZRVwuEIfnacU3x2Jo2Sk

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

840b613e2b9d25d067a9afdf289248fc.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ