redline | 30e97c94990818f89838bd96b3c90c411e89cf801198a0be961944503b1329ba | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

30e97c94990818f89838bd96b3c90c411e89cf801198a0be961944503b1329ba.exe

Resource

win10-20220812-en

redline muzh discovery infostealer spyware stealer

windows10-1703-x64

6 signatures

150 seconds

General

Target

30e97c94990818f89838bd96b3c90c411e89cf801198a0be961944503b1329ba
Size

175KB
MD5

ef4b3f41e142a0ab062d4b87025b3aa6
SHA1

d00f8704bfee43abcda24391bcf012d218053db2
SHA256

30e97c94990818f89838bd96b3c90c411e89cf801198a0be961944503b1329ba
SHA512

eeb3d7cb5c14f7d891ab966093c069f1f24d0b1a8e97bcf74de1fd0b2eda57f53bbf65ed16d8a445fd8d707a39dfd8b3e7ce755d3750a0f0811bee1fc3c5e568
SSDEEP

3072:bxqZW7naxIF63+kkIier59khFLxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuwd:tqZj+k3lkh

Score

10^/10

muzh redline

Malware Config

Extracted

Family

redline

Botnet

muzh

C2

62.204.41.170:4172

Attributes

auth_value
ecaea4032f3e80f94da55d8e70a97db0

Signatures

Redline family
redline

Files

30e97c94990818f89838bd96b3c90c411e89cf801198a0be961944503b1329ba
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy