redline | 3ecbe8ba21e3646aa7a4fecaf615c173af2e7fe23fcebf167487d0c780219c3a | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Static task

static1

uppppppp3333 redline

1 signatures

Behavioral task

behavioral1

Sample

3ecbe8ba21e3646aa7a4fecaf615c173af2e7fe23fcebf167487d0c780219c3a.exe

Resource

win10-20220901-en

redline uppppppp3333 discovery infostealer spyware stealer

windows10-1703-x64

6 signatures

150 seconds

General

Target

3ecbe8ba21e3646aa7a4fecaf615c173af2e7fe23fcebf167487d0c780219c3a
Size

337KB
MD5

7bbbd0ea0e5090f8d0a4be4e4f9daf73
SHA1

d95f083372ff1f6996c42f22d283fd6190a81924
SHA256

3ecbe8ba21e3646aa7a4fecaf615c173af2e7fe23fcebf167487d0c780219c3a
SHA512

7c13f8a43bdb9b87306bb896fc0bf86f3bc61919250f4837b4813d18c18a0236c24a5a37275311fec024f91e543fdaf3e883b93c40957725a74f60f7f42592cc
SSDEEP

6144:hNWamnZuEr7xGNIeOfD/XIQJJisVO/IPPQD3bqhydUpz:QtrtbJJisVO/IPPQD3bqhydUpz

Score

10^/10

uppppppp3333 redline

Malware Config

Extracted

Family

redline

Botnet

Uppppppp3333

C2

82.115.223.15:15486

Attributes

auth_value
b6b4363a729aa9e5e1db42da417129da

Signatures

Redline family
redline

Files

3ecbe8ba21e3646aa7a4fecaf615c173af2e7fe23fcebf167487d0c780219c3a
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy