redline | 1492-55-0x0000000000400000-0x0000000000444000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1492-55-0x...ry.exe

windows7-x64

1492-55-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1492-55-0x0000000000400000-0x0000000000444000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1492-55-0x0000000000400000-0x0000000000444000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1492-55-0x0000000000400000-0x0000000000444000-memory.dmp
Size

272KB
MD5

61bf719e401ec54aed85aec0a8a0ad39
SHA1

437ae6bfff9ab0ee35f7041e08a73149f1d0379d
SHA256

62a23884c5933b77b365dcefab619a1beab175e77ff962c08c88bd731ff7d673
SHA512

daf398b62d4afcb4bf5c861ed8262e17f1962967090f2ba8a244b15993844964633f9926b02cd1e95a1e7e5f678ee231e4b58c0a171686dc752e08646e79d8ff
SSDEEP

1536:JaVaQzahCZX1b0KCsjTqZhRSeIOV59MghbV7I/Cwc3kMJrh:EVazESKLTURb7JeqTkArh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

37.220.87.13:48790

Attributes

auth_value
7da9acd8c6c263ef0dde36b5fd07c25f

Signatures

Redline family
redline

Files

1492-55-0x0000000000400000-0x0000000000444000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy