redline | 1440-56-0x0000000000080000-0x00000000000B2000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1440-56-0x...ry.exe

windows7-x64

1

1440-56-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

5350206221 redline

1 signatures

Behavioral task

behavioral1

Sample

1440-56-0x0000000000080000-0x00000000000B2000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1440-56-0x0000000000080000-0x00000000000B2000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1440-56-0x0000000000080000-0x00000000000B2000-memory.dmp
Size

200KB
MD5

32d13bb79215afa50b23a9ab9f4cc252
SHA1

c7ed3a26adb28d4a8cc5932a75d77e1577cd7d05
SHA256

0c48a6c9577cb4f4467b198749aed7f6f708bd3218715299653209913dde0c5e
SHA512

9a71a560c67834e6f4de5d0b25a7756c8d9839fce04c2aea0e2e8af554b670857ee7fddc92970eb42727f68c162554e91c40b9facb19aa7a772aa5de069699e1
SSDEEP

1536:5vZi55zWaUDfjJo9NhECpwvEFQYJ4F69WenllV/6Jbu3zBgQFQ0wuei+ZnYcM:5xqZWJpaPEDv03yEWGljieFHFQh3

Score

10^/10

5350206221 redline

Malware Config

Extracted

Family

redline

Botnet

5350206221

C2

195.20.17.139:80

Attributes

auth_value
cf75908d75b4508135a38c8679c86f6e

Signatures

Redline family
redline

Files

1440-56-0x0000000000080000-0x00000000000B2000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy