redline | 960-57-0x0000000000400000-0x0000000000430000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

960-57-0x0...ry.exe

windows7-x64

960-57-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

960-57-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

960-57-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

960-57-0x0000000000400000-0x0000000000430000-memory.dmp
Size

192KB
MD5

a63fcda81ebd95c16bf0c359d4f87c90
SHA1

8f6e80ce06f0d9401dbe3479d92387e95af9f4da
SHA256

5b4f76094284c9040848214a20afc9122faef34398c9f43e4d626751b4f89c85
SHA512

c7fbc6101fb6dbc4e3b94294de2d7c8393921b9c96b604583bbff85e37b0be08e6bdaf8ac2fd7d4af8106739f3b5acc03a71e5cdcb1c24cbc3ea87eda86ce9d3
SSDEEP

3072:Qqavm74qpXtmOnJjBawT253uaxfKfVvXgDOL3DzpPL0F0JCb3O3Cb3hHSHUEcC8d:6sfdVcsh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

45.15.157.131:36457

Attributes

auth_value
48afb44fafe54e30ae6386d5d4b8751f

Signatures

Redline family
redline

Files

960-57-0x0000000000400000-0x0000000000430000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy