redline | 1500-55-0x0000000000400000-0x0000000000446000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1500-55-0x...ry.exe

windows7-x64

1

1500-55-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1500-55-0x0000000000400000-0x0000000000446000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1500-55-0x0000000000400000-0x0000000000446000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1500-55-0x0000000000400000-0x0000000000446000-memory.dmp
Size

280KB
MD5

0f500b5cd77ad1eca4d16086bb7654ea
SHA1

9cb5688f84a087463d1ab4ce589946281f1e04bf
SHA256

db22bd789597e15dc4b82b919ac5a55db4e6cce4ab080077b15c0501f3f9c799
SHA512

a8724813554bc42c6f0e748ca6db984bd16e7d82ef5aeaa75d1aafc0e9a80683feb73ff142c2ae7851c44d056a9e1f6c519633cc8b5ff5f927d47888ce4f7c68
SSDEEP

1536:ItWBNGrDVp6ivUOSuF2/aqFhvqUbV7v95v/wyrakLkMJrx:vLuDVvSlCqFhvrlb1WkLkArx

Score

10^/10

654 redline

Malware Config

Extracted

Family

redline

Botnet

654

C2

185.65.105.60:10805

Attributes

auth_value
762122531dcf2a6fba95431c415e85cb

Signatures

Redline family
redline

Files

1500-55-0x0000000000400000-0x0000000000446000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy