redline | 858df07e53bab7a2658b424257a368fed159431149638d88f47cb5c2ef15797b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Static task

static1

updated/5/77 redline

1 signatures

Behavioral task

behavioral1

Sample

858df07e53bab7a2658b424257a368fed159431149638d88f47cb5c2ef15797b.exe

Resource

win10v2004-20220901-en

redline updated/5/77 discovery infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

General

Target

858df07e53bab7a2658b424257a368fed159431149638d88f47cb5c2ef15797b
Size

175KB
MD5

96a9f8bcd2ae15b0fd04d20274cecd19
SHA1

b12285bc3be7d95da53e4ba25420ba65516b1ceb
SHA256

858df07e53bab7a2658b424257a368fed159431149638d88f47cb5c2ef15797b
SHA512

cc6ac9286cfa386f9c02675364f88de50d39ff3c1eef6790b7f7e0be533e350a9ef9c5474949d6714e6f463936e91603fe73c7804695758006ae846ec4bbb934
SSDEEP

3072:+xqZWVtaKUPLvz6n3SuUQeqAFBhiXxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jf:kqZb+34xBh

Score

10^/10

updated/5/77 redline

Malware Config

Extracted

Family

redline

Botnet

Updated/5/77

C2

82.115.223.15:15486

Attributes

auth_value
e4168f5f7e67b0376a0c1a710d80e10f

Signatures

Redline family
redline

Files

858df07e53bab7a2658b424257a368fed159431149638d88f47cb5c2ef15797b
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy