redline | 2800-140-0x0000000000400000-0x0000000000438000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2800-140-0...ry.exe

windows7-x64

1

2800-140-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

installs redline

1 signatures

Behavioral task

behavioral1

Sample

2800-140-0x0000000000400000-0x0000000000438000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2800-140-0x0000000000400000-0x0000000000438000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2800-140-0x0000000000400000-0x0000000000438000-memory.dmp
Size

224KB
MD5

ff086784b2a5cb081e03672fe0bcb793
SHA1

16c61786b3a65eef6e4181c071d181618c296d88
SHA256

c992ff1e61b6997ef03f5a1e2b6d96fd8bc9381b04821b59c602c36079b30cf6
SHA512

ef3a3d4058d832e84b97a889a9894f6fd874f72ed6b38e0fd36a6e0e3a5a4119f1080bf2c084a4810746aa3aa53674d44c8f93072e938e23a9e89fd2173108c5
SSDEEP

3072:eoB++MxlpQ+Ozsn8XF2//C/QIv+y412b7krzpium:eoB+Lpr3IrOz

Score

10^/10

installs redline

Malware Config

Extracted

Family

redline

Botnet

installs

C2

77.73.134.57:20368

Attributes

auth_value
018d84fd84774560e4827f12acc7d4af

Signatures

Redline family
redline

Files

2800-140-0x0000000000400000-0x0000000000438000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy