Behavioral task
behavioral1
Sample
33c69b129489aa9c325a38ff79d1549054754e34aa63200688da8a534adf3353.exe
Resource
win7-20230220-en
General
Target: 33c69b129489aa9c325a38ff79d1549054754e34aa63200688da8a534adf3353
Size: 175KB
MD5: f95e0b0dfd01f6fe79db4ebcaa076268
SHA1: a0730cf178a4abf89dc34c2d73652cbd350b2293
SHA256: 33c69b129489aa9c325a38ff79d1549054754e34aa63200688da8a534adf3353
SHA512: 47d1b289631b2812d228811004b9412c1704d67bb18a5974153476b74eea1c65e37f70b5e623d9b6748a6338b7ab22850106ee14a19d9ba6815582002cb7bf01
SSDEEP: 3072:bxqZWXragQx+/QUX+BxeBhF7hTkOhcsQvpoYfn70Kt:tqZWQkUS7h/huvpoYj0K
Malware Config
Extracted
redline
TESTID
45.32.27.149:5000
auth_value: 49eeb1db39d8009b2ec3f42976eb9d47
Signatures
Redline family
Files
33c69b129489aa9c325a38ff79d1549054754e34aa63200688da8a534adf3353.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ