Behavioral task
behavioral1
Sample
3a65f720bc48f5ea51dd7c073961f71332cf864ec6ae1e3469a1a284dfaabdd8.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3a65f720bc48f5ea51dd7c073961f71332cf864ec6ae1e3469a1a284dfaabdd8.exe
Resource
win10-20230220-en
General
-
Target
3a65f720bc48f5ea51dd7c073961f71332cf864ec6ae1e3469a1a284dfaabdd8
-
Size
175KB
-
MD5
f197d1eb5c9a1f9e586e2438529067b6
-
SHA1
143d53443170406749b1a56eab31cfd532105677
-
SHA256
3a65f720bc48f5ea51dd7c073961f71332cf864ec6ae1e3469a1a284dfaabdd8
-
SHA512
d20a7f47d033257751134687f0e0da3864864e0adb6575115e827c22d5b0a5f454023607dd5b0b37f1133715e3fae20e1bd60dca8d596d9763b4def339d5f4fb
-
SSDEEP
3072:nxqZW8TaVMq+v3Kankbe759rhZmxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOu9:xqZP3KwkCrh
Malware Config
Extracted
redline
@REDLINEVIPCHAT Cloud (TG: @FATHEROFCARDERS)
151.80.89.234:19388
-
auth_value
56af49c3278d982f9a41ef2abb7c4d09
Signatures
-
Redline family
Files
-
3a65f720bc48f5ea51dd7c073961f71332cf864ec6ae1e3469a1a284dfaabdd8.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ