Behavioral task
behavioral1
Sample
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3.exe
Resource
win7-20230220-en
General
Target
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3.zip
Size
51KB
MD5
51ff0ad321cfc99051c6a1634cf05aec
SHA1
391714ac71823b079ba059a3701cc62bb1584be2
SHA256
c6dac98178570146efc904fc4d6bcc5df17709171499498dbcfd055ae7e97c69
SHA512
ecef77bf1854eaad7ed605431716ef52da2af0ca58c9cb9466b84493b336ab55de288f6e33b11f8863129eb6dbf4fe60c4c283c23932c43496c9babb708202f2
SSDEEP
1536:SByuzr/ZantEidwbWUxqB7bBtidOVEO5eZsTugrEr:ST8tEidvtBUsic4CPrEr
Malware Config
Extracted
redline
muse
176.113.115.145:4125
auth_value
b91988a63a24940038d9262827a5320c
Signatures
Redline family
Files
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3.zip.zip
Password: infected
82b32f464096b34f47374b935f88264215cedff3ca4207cc4aacf9b7fb6469f3.exe windows x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ