redline | 56ff585dc2f196033368c6e2a695df8d9835d93244a7a1c3a83ec1b56b5adb0e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

56ff585dc2f196033368c6e2a695df8d9835d93244a7a1c3a83ec1b56b5adb0e.exe

Resource

win10v2004-20220901-en

redline cham discovery infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

General

Target

56ff585dc2f196033368c6e2a695df8d9835d93244a7a1c3a83ec1b56b5adb0e
Size

175KB
MD5

169229c688e201e1fb1d771c181dd9ab
SHA1

316d8d6f1cdf6b1e092e101367596f25dbfc0423
SHA256

56ff585dc2f196033368c6e2a695df8d9835d93244a7a1c3a83ec1b56b5adb0e
SHA512

6e71798834669d2601061ec9dfc2822310a7867c6bc9a85ee53824632786a53629fbd21de448c8f7884c330a3eae9ea2905253ae979e9741a6dafa7d1158d5c3
SSDEEP

3072:fxqZWJBaKULo3hPMkRq4ze759phz/xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0j4:JqZIhPM8hGph

Score

10^/10

cham redline

Malware Config

Extracted

Family

redline

Botnet

cham

C2

31.41.244.98:4063

Attributes

auth_value
a950c77ff7a47c51d23b247c81354ea4

Signatures

Redline family
redline

Files

56ff585dc2f196033368c6e2a695df8d9835d93244a7a1c3a83ec1b56b5adb0e
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy