redline | 1360-56-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1360-56-0x...ry.exe

windows7-x64

1360-56-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

local_host redline

1 signatures

Behavioral task

behavioral1

Sample

1360-56-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1360-56-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1360-56-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

8c7ffe92549ee66eb7390894511d6298
SHA1

cb8be862f5fb6dd8f03f5992ec447728e0e3ad8b
SHA256

30dc55c6abbe369ad9a49ea265eeba3c267dcdf8c9c9139ae65cd30e4014afdb
SHA512

a01f0c4907c0a51ec51b6d2654ed01346c52265434c03402b8e1f9a7bb551136a401742965e9e8eabb80a248108c7512c6b187189118b407524b48b5b8f18313
SSDEEP

3072:bxqZW3Daa5U5sg9tbk3EIme359LhwrxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw09:tqZRk3fNLh

Score

10^/10

local_host redline

Malware Config

Extracted

Family

redline

Botnet

local_host

C2

89.248.165.122:33403

Attributes

auth_value
8fc10311af5b52789f773fd7d1959626

Signatures

Redline family
redline

Files

1360-56-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy