redline | 988-56-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

988-56-0x0...ry.exe

windows7-x64

988-56-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

988-56-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

988-56-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

988-56-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

9f66974bdcc5110b3b4a69084b3ce60b
SHA1

bceea3d4f6308ba8a4161bed160b30a35a143d48
SHA256

bb5d30a28452ac13ae16b1363247216beaf06ec32c69b5dc8259f570fa907d1d
SHA512

36dd1456b9776fb366ccb3f4dd51036c0eba78cda46c89ef5ba98f72b0a65e1cb7b131b7aae0d64841c8d9d29c0b5cbb9a08f75ef4b13139b0d97a9a878c2df2
SSDEEP

3072:ZxqZWktaLU+EPgfkIReLh9yhLXxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw3:LqZtgf/Myh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

85.31.44.66:17742

Attributes

auth_value
e9a89e5b72a729171b1655add99ee280

Signatures

Redline family
redline

Files

988-56-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy