redline | 425ef8cee11f07298ffc4e7d3f71d52229feb2434b202e295e5e374e60aca609 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

redspree1 redline

1 signatures

Behavioral task

behavioral1

Sample

425ef8cee11f07298ffc4e7d3f71d52229feb2434b202e295e5e374e60aca609.exe

Resource

win7-20221111-en

redline redspree1 discovery infostealer spyware stealer

windows7-x64

6 signatures

300 seconds

Behavioral task

behavioral2

Sample

425ef8cee11f07298ffc4e7d3f71d52229feb2434b202e295e5e374e60aca609.exe

Resource

win10-20220812-en

redline redspree1 discovery infostealer spyware stealer

windows10-1703-x64

6 signatures

300 seconds

General

Target

425ef8cee11f07298ffc4e7d3f71d52229feb2434b202e295e5e374e60aca609
Size

175KB
MD5

5a377a5d469a58ac51a5b7f3dc03e42f
SHA1

2d1052869b98955100b1e9c5ed41a6ca80f03d8c
SHA256

425ef8cee11f07298ffc4e7d3f71d52229feb2434b202e295e5e374e60aca609
SHA512

6a5759340f52aaeac4aa7b632ba3cd4b72c31d8561056e7f27c9846b05b86c12d2579fc2553e79cc857f285fdcbfb40322445f42877b8d045730c1ed0e6e3bca
SSDEEP

3072:HxqZWZpaPEDv0zJZM68IpeHF9nho7xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0j0:RqZlzJZDHAnh

Score

10^/10

redspree1 redline

Malware Config

Extracted

Family

redline

Botnet

redspree1

C2

142.132.234.165:49967

Attributes

auth_value
1f5e11b1b278be1edf74260c6fcdedce

Signatures

Redline family
redline

Files

425ef8cee11f07298ffc4e7d3f71d52229feb2434b202e295e5e374e60aca609
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy