redline | 9b790aed9dfa3ed79130326d22ace870[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

2523f26462...ef.exe

windows7-x64

2523f26462...ef.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2523f26462ec436f120228e9299429a27b42cd871c861245f2e7b093f33ceaef.exe

Resource

win7-20220812-en

redline otr discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2523f26462ec436f120228e9299429a27b42cd871c861245f2e7b093f33ceaef.exe

Resource

win10v2004-20221111-en

redline otr discovery infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

General

Target

9b790aed9dfa3ed79130326d22ace870.bin
Size

50KB
MD5

9dbd9535bf10bbf589b9df486237ffc7
SHA1

f8556f96e8b95ccbbc9c93a168d152c8cef68210
SHA256

5d762a5aca863bc9015759a467a8e7e4033109750d4c1d31d0dc21e58d683630
SHA512

b0a8d8a11c7cf3144808d97034ee12c3ec30f54a9bc5c2c124e788cd1945a815dcd1e0ebad5421043d46dc019d3592e373d6ba4d9b767aad89d509adae450757
SSDEEP

768:BkrLhflO0v9N/RmYx6Q4U73ZA/59JbE/D/jN6zJct5RPTj544wr/+GcljXngwMv1:BkrLhfh9ZJFpA/5o/dKudPP54n7yMGPQ

Score

10^/10

otr redline

Malware Config

Extracted

Family

redline

Botnet

otr

C2

167.235.156.206:6218

Attributes

auth_value
5f14ae8c16eab4d3db39e1a86bdea1d8

Signatures

Redline family
redline

Files

9b790aed9dfa3ed79130326d22ace870.bin
.zip

Password: infected
2523f26462ec436f120228e9299429a27b42cd871c861245f2e7b093f33ceaef.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy