redline | 4544-514-0x0000000000170000-0x00000000001D2000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4544-514-0x0000000000170000-0x00000000001D2000-memory.dmp
Size

392KB
MD5

18dc584b9485784a0065c69d5e3a853c
SHA1

0ce8ee7272159ebdad9f7f50143cad4fdabd8e00
SHA256

ad16a830c5b4ab95cc92ae9b5104f3b217d9bab717d94c1d6c39b9f8facb5fdd
SHA512

ffcbced5bf83f752096350df2a03796d5322d33133e1e0dff886044ae5c6706e7979e22325c9ec7a01e498d7854d9a05d92c68b2d3e6ed8baa9d3c36598badb6
SSDEEP

6144:Pt+IHk4MRWy1xAoAOLBWed9sOeqbCqQ1Mg:F1Hk40Dpbeqba1Mg

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Files

4544-514-0x0000000000170000-0x00000000001D2000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ