Behavioral task
behavioral1
Sample
0x0007000000013139-1929.exe
Resource
win7-20230220-en
General
-
Target
0x0007000000013139-1929.dat
-
Size
175KB
-
MD5
a3cf24a81a3c9ede4d1d72c6d3aaae01
-
SHA1
c01da471775ad657bf980760aa18333dbcc57ce0
-
SHA256
a2d48177e1226bfe344b99e0cbe99a6b75b029e12173ea71de09addd3b630c20
-
SHA512
f64a8c545d69e72831759f0fe69f903fac1afb31b5e7c5c191f14760edd0d2f31b71b028ff6f836e836adc79e9525737a8d8bfa46d49befcbb7f10f6459e9b63
-
SSDEEP
3072:yxqZWDfnaxIF63WUX+BJe5bF+h3HxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOh:gqZcmWkUM+h
Malware Config
Extracted
redline
fomich
melevv.eu:4162
-
auth_value
b018e52ac946001794d8b8c23e901859
Signatures
-
Redline family
Files
-
0x0007000000013139-1929.dat.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ