redline | 1980-55-0x00000000000D0000-0x0000000000116000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1980-55-0x...ry.exe

windows7-x64

1

1980-55-0x...ry.exe

windows10-2004-x64

3

Sharing

Static task

static1

@positivedeat redline

1 signatures

Behavioral task

behavioral1

Sample

1980-55-0x00000000000D0000-0x0000000000116000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1980-55-0x00000000000D0000-0x0000000000116000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1980-55-0x00000000000D0000-0x0000000000116000-memory.dmp
Size

280KB
MD5

da45a441205d0173ca5e102bd32f76c3
SHA1

4fae1fcd437e86116c8e8422caf3f234aa00a07f
SHA256

911fdfa7e1af1f5ff4beaedf003d96b861aca5e0b12c869c9c950432feeae997
SHA512

278ce87af4920ddb112a5f1d887dd13645a5e049ad50daac3ca71f2626a616aedd868fd67916fccb345d4c11de57c94d83c79e03426b30a3951e55b4fcc8ea5c
SSDEEP

1536:laPPQzahmte7tLKQ2ti07YN8Buq4KEtPbV9EuyQWvwscyj26kMJr4:oPPzdtKNi/8cn9FPyQWvxcybkAr4

Score

10^/10

@positivedeat redline

Malware Config

Extracted

Family

redline

Botnet

@PositiveDeat

C2

37.220.87.8:42823

Attributes

auth_value
a53d4515884dfcd3e4832c7fccc143b1

Signatures

Redline family
redline

Files

1980-55-0x00000000000D0000-0x0000000000116000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy