redline | 1068-56-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1068-56-0x...ry.exe

windows7-x64

1068-56-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1068-56-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1068-56-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1068-56-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

1aa2b61d1a6122f5640330713fdd81b8
SHA1

928570b0736da66f7f456293aadc9f51daef4d27
SHA256

a2559bf1608fdaac224a87e13b4433c80edcb612e20db19e124626c8e11491a3
SHA512

ee4c1809a5a023ceb227e186137f55d5942943df9d25cc837c19b3c1e2be0c97c51f3673120862252e9f87e91672dee55de8d6d2c3873f6e2bed19b07946f91b
SSDEEP

3072:KtxqZWKnaxIF63TiXKsZnezTFXhozxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0j3:K3qZmTiXlZsXh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

95.216.252.182:4278

Attributes

auth_value
a909e2aaecf96137978fea4f86400b9b

Signatures

Redline family
redline

Files

1068-56-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy