redline | f20abd98fad1644230b99eeb38b666d80ccdad48475c5702a49513c05ef09f69 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f20abd98fad1644230b99eeb38b666d80ccdad48475c5702a49513c05ef09f69.exe

Resource

win10v2004-20221111-en

redline winrar infostealer

windows10-2004-x64

1 signatures

150 seconds

General

Target

f20abd98fad1644230b99eeb38b666d80ccdad48475c5702a49513c05ef09f69
Size

336KB
MD5

edfca9e6d885919071cb3c05814f49c4
SHA1

a1b7167fd669c7a025e6f9239d693d5449c7a43e
SHA256

f20abd98fad1644230b99eeb38b666d80ccdad48475c5702a49513c05ef09f69
SHA512

3d86fb0859f31054c7151b26cc21def8c8a322fd86d664fa2da76032e800c64f5879635324bbb24a4e2b001f1ca47bfd32bd77fb311fc18fd1ab71e0c9332842
SSDEEP

6144:oBmtFyyTOssE3Z8OL0t/vDNKzh6OWMW6yEd8t4cAShRQXVomLKQgD3:lCyT3XLl1WMW6yEd8t4cAShRQXVomLKp

Score

10^/10

winrar redline

Malware Config

Extracted

Family

redline

Botnet

winrar

C2

194.180.48.43:34991

Attributes

auth_value
c5c4d33fe392ecdb02f465ab55915bea

Signatures

Redline family
redline

Files

f20abd98fad1644230b99eeb38b666d80ccdad48475c5702a49513c05ef09f69
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy