redline | 1068-84-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1068-84-0x...ry.exe

windows7-x64

1068-84-0x...ry.exe

windows10-2004-x64

Sharing

Static task

static1

socicalbot redline

1 signatures

Behavioral task

behavioral1

Sample

1068-84-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1068-84-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1068-84-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

7844f6658758fc500c2c2ae38bba91aa
SHA1

84195205b347c935a7e9e8323cfe560d1a7401fe
SHA256

8fefeebe820301301780c883bb0d54284e1bfa950003299658e5acdb73b5e7ab
SHA512

825fca9af7f33f82c02887545928ecb48618935a7be67e95a843e2a39e1450e9915b482da6de6a72588621a381ec0ad8de5e3699fa8021363e981f668944436a
SSDEEP

3072:OxqZWHzaWAtdsiLe5G80e+o9Gh7/xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOQ:0qZwii5ZzGh

Score

10^/10

socicalbot redline

Malware Config

Extracted

Family

redline

Botnet

socicalbot

C2

149.28.205.74:2470

Attributes

auth_value
9c51f0d7102febd61d441fffb9c4bb47

Signatures

Redline family
redline

Files

1068-84-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy