Behavioral task
behavioral1
Sample
c8cfa4abf719c1bf9c805567848c23d308db567754eba51425ff331834870b9e.exe
Resource
win7-20230220-en
General
-
Target
c8cfa4abf719c1bf9c805567848c23d308db567754eba51425ff331834870b9e.zip
-
Size
51KB
-
MD5
ed77ec65ea9953f26ce1d860ff1a4ee5
-
SHA1
b959d9b0d9e820557044ea11a2edb2b2d69180f4
-
SHA256
cc567525049018b44b3374693fd3b0bcc1b5033ae04b99a8808033111b2510da
-
SHA512
0726f1b64379727fe9a40bf39acbdce9a0b3357023d05db58fdc8c58f6567ccd307633bab050a701fec7bac2cbe0a65ea0b1f710a17f7f374b4949f45d6c3fd9
-
SSDEEP
1536:UfZlP+MHWztHF9HVO0tvYDG9aiIJSghnuBg:Y+MHQFHvtKLvhuBg
Malware Config
Extracted
redline
from
176.113.115.145:4125
-
auth_value
8633e283485822a4a48f0a41d5397566
Signatures
-
Redline family
Files
-
c8cfa4abf719c1bf9c805567848c23d308db567754eba51425ff331834870b9e.zip.zip
Password: infected
-
c8cfa4abf719c1bf9c805567848c23d308db567754eba51425ff331834870b9e.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ