redline | 85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02[.]zip

General

Target

85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02.zip
Size

612KB
MD5

a3b2849656de0bd0b9c6a55a4ab0bfa8
SHA1

d9c99100e3b1100636a8c595e3577febaad90bcf
SHA256

5a57df26e345cb7e985044a7498954035ca64ae0952d19e9c28cf79c5e96d23b
SHA512

b40aa5d45d8e31c218cc6bfe87a92646bb399b1343fe6965bc3818e7797af3850a4c252cfd9483f61af5669eb42adfa5b07806e04c92b46de6b34c02387c33ff
SSDEEP

12288:wBj0+e4nGPfrI+Pu3S/4XqxvjqmPLl6fVAd+x2:wF0o6rdiPqxvtj3+x2

Score

10^/10

redline

RedLine payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02	family_redline

85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02.zip
.zip

Password: infected
85c59de1c3e694b350a38b115c1dac784bc50bf9522c0c9a8f3a74b1a7e2de02
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ