redline | 1288-54-0x0000000000400000-0x0000000000430000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1288-54-0x...ry.exe

windows7-x64

1288-54-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1288-54-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1288-54-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1288-54-0x0000000000400000-0x0000000000430000-memory.dmp
Size

192KB
MD5

5fe7453fa38c09fffc454ff5f4053591
SHA1

e1a68031bb68386079d386f3daf76169e8eb003d
SHA256

f53855ea284d7771b68b1e1045bae36fa99f5263fe6c375d20f96e323f1b49b2
SHA512

f1fa38edfc080f1fff0cf225bf5c75e5174bf19589c8a1e9e66728831489629e94ba261fbef2e84a78aa8a5bcb31b39b3125073d7a41c4ea89df153f0151374a
SSDEEP

3072:5qaJm74qpXtmOnJjBawT253uaxfKfVvXgDOL3DzpPL0F0JCb3O3Cb3hHSHUEcC8:xsfdLrKh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

82.115.223.46:57672

Attributes

auth_value
8c4ef9ff177a4afe6b853c4fb17e99ba

Signatures

Redline family
redline

Files

1288-54-0x0000000000400000-0x0000000000430000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy