Behavioral task
behavioral1
Sample
b4c6ab9df582da5b8582e4456c9db47f780455558835ce6377e88e61c26e194b.exe
Resource
win7-20230220-en
General
-
Target
b4c6ab9df582da5b8582e4456c9db47f780455558835ce6377e88e61c26e194b.zip
-
Size
51KB
-
MD5
d8920014650f3e64142fd5d6875d72c9
-
SHA1
bd4479cedd244dc231c605f776de12178e559060
-
SHA256
6f98901fe51055f8c30755236a824e07bd505419f8caa04fd16eb8512c282a3a
-
SHA512
e1f43785b1e9967f3de67f8f3c53ab045e2511e3c11058972d5cc5ebad094b5ba422f9498d659324d4033a915cd433d66e46f0b61781087332ce66a3b336e4d8
-
SSDEEP
1536:VByuzr/ZantEidwbWUxqB7bBtidOVEO5eZsTugrEV:VT8tEidvtBUsic4CPrEV
Malware Config
Extracted
redline
muse
176.113.115.145:4125
-
auth_value
b91988a63a24940038d9262827a5320c
Signatures
-
Redline family
Files
-
b4c6ab9df582da5b8582e4456c9db47f780455558835ce6377e88e61c26e194b.zip.zip
Password: infected
-
b4c6ab9df582da5b8582e4456c9db47f780455558835ce6377e88e61c26e194b.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ