redline | 5028-133-0x00000000011A0000-0x00000000011BE000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

5028-133-0...ry.exe

windows7-x64

5028-133-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

5397150605_99 redline

1 signatures

Behavioral task

behavioral1

Sample

5028-133-0x00000000011A0000-0x00000000011BE000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

5028-133-0x00000000011A0000-0x00000000011BE000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

5028-133-0x00000000011A0000-0x00000000011BE000-memory.dmp
Size

120KB
MD5

accf4fe2ee43ea62bd4ac17fbc962f48
SHA1

421bc476a041b19d3cc3946b7087ace6b78b2fc6
SHA256

20cf14a8d9dfd719d4018ab385c4e0bcc8f7cc7c943e6f82312f211ea2bb1862
SHA512

f0418fb2a812e0eb8cad098602baaca5878053de03c7c32fee87075be666287f135d03ccf2e82ee20c10f49930a0fd3e3cab7ca35d644c20b169a26926ca1b0e
SSDEEP

3072:DfEzIAFLCEU4WcILg8LbZnMc/QIzKVqk/AI/onNN:glCa8hm/8N

Score

10^/10

5397150605_99 redline

Malware Config

Extracted

Family

redline

Botnet

5397150605_99

C2

spartanlivestyle.xyz:28786

Attributes

auth_value
63e68f2da0f5ad0292cecc17b8577afc

Signatures

Redline family
redline

Files

5028-133-0x00000000011A0000-0x00000000011BE000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy