redline | 1204-55-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1204-55-0x...ry.exe

windows7-x64

1204-55-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1204-55-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1204-55-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1204-55-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

b3d91fe8cc45850c88eb9b01a9db7aa8
SHA1

ae9f8a97e4e9cfc2a037bf115c5013a7025fb47b
SHA256

7e7886c0d372cc4affd3a2b7cdfef3565f0141f4922c9061e96b17cf93d097ee
SHA512

2033da0f0341c3a78c31536c6e5469328735a8169e2f72b5ef55f6b7ef22bf56bf4a02f968014b3381d97ebea4d18fa6c3618eabd92d47e8bd2432e1cf4567e5
SSDEEP

3072:gxqZWDGxafU74XPTIme7esa93hsvxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOT:OqZcvPTIHO3h

Score

10^/10

f2 redline

Malware Config

Extracted

Family

redline

Botnet

F2

C2

91.193.43.63:81

Attributes

auth_value
5d5654643beea676539c9a851b8e093f

Signatures

Redline family
redline

Files

1204-55-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy