redline | 2896-183-0x0000000000690000-0x00000000006C2000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2896-183-0...ry.exe

windows7-x64

2896-183-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

upadated.7 redline

1 signatures

Behavioral task

behavioral1

Sample

2896-183-0x0000000000690000-0x00000000006C2000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2896-183-0x0000000000690000-0x00000000006C2000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

2896-183-0x0000000000690000-0x00000000006C2000-memory.dmp
Size

200KB
MD5

d50712f4cd560044cfe08bc4ceb1b502
SHA1

b3041ca0ce7fd652b696ec4eb4fc3ef332bf3770
SHA256

340863a36d0b92e917b7edb1768ac8a6b5cf6ced701fb202bf092a75f6e23a35
SHA512

19b7f9c775a43b7e0a6348d00af9b77049fce9545551bad19d0a58e3198b25e71757b28029042fb060aa7ad9c2c776382c035dd0c2af021f8e5f79a252f34e77
SSDEEP

3072:ixqZWVtaKUPLvpmBHkUCeI0FHhdXxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOk:QqZbpE75Hh

Score

10^/10

upadated.7 redline

Malware Config

Extracted

Family

redline

Botnet

Upadated.7

C2

185.106.92.214:27015

Attributes

auth_value
138d72e65a312fb64357d0f49a4f2230

Signatures

Redline family
redline

Files

2896-183-0x0000000000690000-0x00000000006C2000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy