redline | 852-54-0x0000000000400000-0x000000000045A000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

852-54-0x0...ry.exe

windows7-x64

852-54-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

11.03.bonk redline

1 signatures

Behavioral task

behavioral1

Sample

852-54-0x0000000000400000-0x000000000045A000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

852-54-0x0000000000400000-0x000000000045A000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

852-54-0x0000000000400000-0x000000000045A000-memory.dmp
Size

360KB
MD5

19b1d245cf6860fa962b4bcd2c79fa7c
SHA1

ac9862b90cb7e51b019aa076a8723d9492fc8464
SHA256

163e51a2798b1b19b2eac6080d825e1af20379333764733e098e43521cc6a208
SHA512

fbd36c4f9c9d003c9b1e25bc2cea9b612af0c3e941ee1ecfc31e7f3d6e75e5024bd6c299f1960a2af32766badca2d828bc9c3368ac2505abd05caa9be9c46169
SSDEEP

6144:eHo7L6UGyJjvhZDF+Bt12F+jF0dGWxMqQay8eO6g7HAF:eIXhJj5fIF0dGWxMqQay8eO6g7HAF

Score

10^/10

11.03.bonk redline

Malware Config

Extracted

Family

redline

Botnet

11.03.BONK

C2

94.130.181.125:37659

Attributes

auth_value
0bba02a10b2737292331dae660c844c0

Signatures

Redline family
redline

Files

852-54-0x0000000000400000-0x000000000045A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy