Behavioral task
behavioral1
Sample
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82.exe
Resource
win7-20230220-en
General
-
Target
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82.zip
-
Size
51KB
-
MD5
669e1dae170598d6a87b93d01c1196ec
-
SHA1
9f85398f0649edd901f7a5e71f84411c6d97c58b
-
SHA256
f0a8580962ec37367bcde97b8a4ed3f30891e6922f042f03977195d6131ffc95
-
SHA512
4d95e5b0af2006c24be903c5da67f7e2c799bbe160ec85c8a736e78bb83a2141f85aa6f271705bb8442cf47f236363e7125de084430e941b12ab9159b3637566
-
SSDEEP
1536:VByuzr/ZantEidwbWUxqB7bBtidOVEO5eZsTugrEP:VT8tEidvtBUsic4CPrEP
Malware Config
Extracted
redline
muse
176.113.115.145:4125
-
auth_value
b91988a63a24940038d9262827a5320c
Signatures
-
Redline family
Files
-
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82.zip.zip
Password: infected
-
3a32e5fed28c5727896f82b57b54e16a113fb5b4054a23504fe100423364fd82.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ