redline | 1104-58-0x0000000000400000-0x0000000000420000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1104-58-0x...ry.exe

windows7-x64

1

1104-58-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

universecity1005 redline

1 signatures

Behavioral task

behavioral1

Sample

1104-58-0x0000000000400000-0x0000000000420000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1104-58-0x0000000000400000-0x0000000000420000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1104-58-0x0000000000400000-0x0000000000420000-memory.dmp
Size

128KB
MD5

22ac0dc2bbd731e4be9e39794a2a8114
SHA1

65f67d90d04f8ddac7645386e6b09d039f089de9
SHA256

adf65756405c37347ebd9c66db36c08e00b2a89a70d9291e17820923bb5bba68
SHA512

646aa1abb27a081f24360b381147f0c763a22893357affd027861778bf1855f3aee4a882b0ccaa1c99b21bd8876334d12c99224a1f798a46c689d5841952e9d4
SSDEEP

1536:RdCB40rj3G62vE/oSRN1eZARgCvhvszbV7295qnwyLa:yKQj3PoSteZARgCvhv+Mb02

Score

10^/10

universecity1005 redline

Malware Config

Extracted

Family

redline

Botnet

UniverSecity1005

C2

95.216.27.23:42121

Attributes

auth_value
d14f2b9ad039778256cc141b5fdc9a1b

Signatures

Redline family
redline

Files

1104-58-0x0000000000400000-0x0000000000420000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy