Behavioral task
behavioral1
Sample
71beece728fdc39c03dca4dd84d30ffe229ca171a66a76dd2452a6ce9434054a.exe
Resource
win7-20230220-en
General
-
Target
71beece728fdc39c03dca4dd84d30ffe229ca171a66a76dd2452a6ce9434054a.zip
-
Size
51KB
-
MD5
e1a411d55378222144631f64f9fa907f
-
SHA1
ed1fc1d215629c867a74136c0e66b4b595bb9add
-
SHA256
9f0e4e5c997d47d262963323855c41fa4bea41be9b7128fff1afaebb2003a076
-
SHA512
992a134a8cb079acd8001a90f0e66d26e5bf54e813b4b54fd6e369308da20966c011354f137dfc44bcf5a35ac976f3ab8c5ca686f150d733df4f46d485a25755
-
SSDEEP
1536:UfZlP+MHWztHF9HVO0tvYDG9aiIJSghnuBM:Y+MHQFHvtKLvhuBM
Malware Config
Extracted
redline
from
176.113.115.145:4125
-
auth_value
8633e283485822a4a48f0a41d5397566
Signatures
-
Redline family
Files
-
71beece728fdc39c03dca4dd84d30ffe229ca171a66a76dd2452a6ce9434054a.zip.zip
Password: infected
-
71beece728fdc39c03dca4dd84d30ffe229ca171a66a76dd2452a6ce9434054a.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ