redline | 1952-109-0x00000000022B0000-0x00000000022F6000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1952-109-0x00000000022B0000-0x00000000022F6000-memory.dmp
Size

280KB
MD5

986da9e8b6536416852c304251266b71
SHA1

1eaf52c35460357f7e30bc5a3b19a62fdc15a6b5
SHA256

5db33d0c2fbf019a8126e643def06d791de31bad7e56b4f1e7c4a9a52bf669f5
SHA512

780a22393c0891caea3ae1b0faea12b95c6c6e13256c7d9d0364a5a5c7d60bbb91d2bdcb0565b777d16083860c1b5e06f917d513a2796f3e4ab27418b4ac178c
SSDEEP

3072:9+6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9fr:46jgppZsLKwuAexbpZghdnlQH5Q

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Files

1952-109-0x00000000022B0000-0x00000000022F6000-memory.dmp
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ