redline | 1976-54-0x0000000003320000-0x000000000334F000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1976-54-0x0000000003320000-0x000000000334F000-memory.dmp
Size

188KB
MD5

c6def3b62a60294f055c61ff42541043
SHA1

86ed754d3349bd8b72bf568d07c95b5c4713d79f
SHA256

4628d94c5f98c674ea34583d9f94d4739a11c3537cd75fc51f0c9cc531c3a2c9
SHA512

ec46d35c02a7828428b3a496500d87847994086445910e1cec91ce6e569b38f3d63641f84923098165306410d004fd0d17ecddb682721da5b00cc2e4a2ef05bc
SSDEEP

3072:fj5aiR96YHANsz6MJdmY/d2U17r86zd2lofMUR/v9Swd3g7anNUY:r5pWYHv/UOZSOnNUY

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

1976-54-0x0000000003320000-0x000000000334F000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ