redline | 1504-233-0x0000000000750000-0x0000000000790000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1504-233-0x0000000000750000-0x0000000000790000-memory.dmp
Size

256KB
MD5

250f494f52c303a21f31e2cee5eb006e
SHA1

3e772155059a2671a204794e2035903b1dad37eb
SHA256

775fb0770c6c771dbfcb434ce90ac19176645d1d179d506beacb30354751680f
SHA512

c964eeeb661f6bec4a857c8d5df872005f892b7c3675458820e8fa22999cb69a9cad7a33ecc5c3de59ba223d7ed25d23fccedb9af635054aa8f8efb25ef881b6
SSDEEP

6144:U2fefTsF9lDGNY3iF76fM2qYMZMBgcf0T9shXIAVqhfbzCyPz+:U2fKTkDqYGMj/Vq1bh+

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

1504-233-0x0000000000750000-0x0000000000790000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ