redline | 860-58-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

860-58-0x0...ry.exe

windows7-x64

860-58-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

alorse or dance redline

1 signatures

Behavioral task

behavioral1

Sample

860-58-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

860-58-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

860-58-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

718f6a853b01a5f75295a8a36bdb461f
SHA1

3eb66909fd567680878c5b6852f8e928f1230904
SHA256

0079e3ae6f6309dfd2789d8cdf0aa0969e67a3f776b0b1705eaaec2e2207920d
SHA512

51d418b551bf16bc4076b1ff515be72433e86b089e6333ab8d05c6a3c555580e76ce6b6b54b7286b7188b009fd3499e31eceeb993e1d5ae2e696bd3b4dc6d1a4
SSDEEP

1536:nvZi55zWa3DfjRo9OpUCplYpFII6zmOlpemcJqWJbu3zWg39v0wuei+bnYcA:nxqZWqxamUaY3gzEmcJ7eKC9vhd

Score

10^/10

alorse or dance redline

Malware Config

Extracted

Family

redline

Botnet

alorse or dance

C2

79.137.192.41:40084

Attributes

auth_value
cab9649a3ff4dfc84b8f5d8dd9bec355

Signatures

Redline family
redline

Files

860-58-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy