redline | 2028-61-0x0000000000400000-0x000000000044C000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2028-61-0x...ry.exe

windows7-x64

2028-61-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

mojno v rot redline

1 signatures

Behavioral task

behavioral1

Sample

2028-61-0x0000000000400000-0x000000000044C000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2028-61-0x0000000000400000-0x000000000044C000-memory.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

2028-61-0x0000000000400000-0x000000000044C000-memory.dmp
Size

304KB
MD5

d9e549698085373662d38b71c07d1f6f
SHA1

f92e1a7de4a1473622b1007ec00d2fca2e846aed
SHA256

ac240be784f6b2ba2be4c9d1c15212df4f7fc8c8d20189e7c6f9cc1db689361b
SHA512

f7325f9d7355d23917a6bb1c9640ce280b604bf0f724b916541ff5d69c89ec76a5edd4527db79d030936b9406e1866bc2c7395a5d77e858489899f75b0df3497
SSDEEP

6144:ZqZOqEORgzhwAi91blbkf++++Ec84pzFTH9B1Xe+GAuoLS/A:ZSOqE+gzWA+bXIj9u+GA3S4

Score

10^/10

mojno v rot redline

Malware Config

Extracted

Family

redline

Botnet

mojno v rot

C2

79.137.192.41:40084

Attributes

auth_value
0cd15a7512436db6ce132ddeaf3b5aeb

Signatures

Redline family
redline

Files

2028-61-0x0000000000400000-0x000000000044C000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy