Behavioral task
behavioral1
Sample
04a206dfda741eb98efd4b092b0c679c0706d213e411b406dbb98769084c836e.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
04a206dfda741eb98efd4b092b0c679c0706d213e411b406dbb98769084c836e.exe
Resource
win10-20230220-en
General
-
Target
04a206dfda741eb98efd4b092b0c679c0706d213e411b406dbb98769084c836e
-
Size
175KB
-
MD5
ff7f91fa0ee41b37bb8196d9bb44070c
-
SHA1
b332b64d585e605dddc0c6d88a47323d8c3fc4d1
-
SHA256
04a206dfda741eb98efd4b092b0c679c0706d213e411b406dbb98769084c836e
-
SHA512
58346361209cf47feb27c7f4ee8d44fd81da584202ec7563f79691739a2fc3b2ab84d5bbfb1da10507eb4b92263dd55ceeb3f988bffdaf794347103546aebc35
-
SSDEEP
3072:TxqZW8TaVMq+vlawEIhe2E9ChEaxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuP:lqZPlawfwCh
Malware Config
Extracted
redline
@REDLINEVIPCHAT Cloud (TG: @FATHEROFCARDERS)
151.80.89.234:19388
-
auth_value
56af49c3278d982f9a41ef2abb7c4d09
Signatures
-
Redline family
Files
-
04a206dfda741eb98efd4b092b0c679c0706d213e411b406dbb98769084c836e.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ