redline | 296-56-0x0000000000090000-0x00000000000C6000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

296-56-0x0...ry.exe

windows7-x64

1

296-56-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

@withloveyou0 redline

1 signatures

Behavioral task

behavioral1

Sample

296-56-0x0000000000090000-0x00000000000C6000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

296-56-0x0000000000090000-0x00000000000C6000-memory.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

296-56-0x0000000000090000-0x00000000000C6000-memory.dmp
Size

216KB
MD5

70e70ff3211b836a16815ed848efc09d
SHA1

697a814407f52e1878dcc67d67e9f04a4f8dc035
SHA256

c293f4f4e6ae2c40ef38d9cb5c88415f777f79aa5101473bc371341f4add2d0b
SHA512

e6708c9f1ed2d11dacb83f178eb2ab67516b3eb771d831faaebf2751e1e95dee9214560ca1db0e005ebf901727c7f4c7fff90ca39b9d8db22fac798a184e01ad
SSDEEP

1536:VYTbKQ13KXronp/aVefSuPCegdjbXEezgktMpzurktsadOUw1y/pbYY3Gz:6l3VsV+pPEV0iZGHskrhpPGz

Score

10^/10

@withloveyou0 redline

Malware Config

Extracted

Family

redline

Botnet

@WithLoveYou0

C2

82.115.223.138:35316

Attributes

auth_value
dcc443a8154f486574ea3415918371fd

Signatures

Redline family
redline

Files

296-56-0x0000000000090000-0x00000000000C6000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy