redline | 912-3053-0x0000000000A80000-0x0000000000AB2000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

912-3053-0...ry.exe

windows7-x64

912-3053-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

912-3053-0x0000000000A80000-0x0000000000AB2000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

912-3053-0x0000000000A80000-0x0000000000AB2000-memory.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

912-3053-0x0000000000A80000-0x0000000000AB2000-memory.dmp
Size

200KB
MD5

daf1e2354a24d63e3bb26062b98c37cc
SHA1

0a612f73d510cecccb9c2a7081944d7021501295
SHA256

5c9792524dd59b58d388da81b68bb0d8bc1abf89527c478f68098769e07b862a
SHA512

1a6217a6befaf642e59cb177c129b77f818f8ae97bfb5b85c413ee4f5eeada0f2dfb22b0f30ce1f8ccf96e43e2093b6befd4357985abeb730fc77ed5dd80cc3c
SSDEEP

3072:DxqZWBJaHEDgXp5lCe159Eh4zxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw+v:VqZV7ljEh

Score

10^/10

dent redline

Malware Config

Extracted

Family

redline

Botnet

dent

C2

193.233.20.33:4125

Attributes

auth_value
e795368557f02e28e8aef6bcb279a3b0

Signatures

Redline family
redline

Files

912-3053-0x0000000000A80000-0x0000000000AB2000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy