redline | 2008-55-0x0000000000400000-0x0000000000444000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2008-55-0x...ry.exe

windows7-x64

1

2008-55-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

1474623994_99 redline

1 signatures

Behavioral task

behavioral1

Sample

2008-55-0x0000000000400000-0x0000000000444000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2008-55-0x0000000000400000-0x0000000000444000-memory.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2008-55-0x0000000000400000-0x0000000000444000-memory.dmp
Size

272KB
MD5

9c648952ddac0e7dccadfac036229bf8
SHA1

2d034f1eb67623f40914873df300ba1bbea731f3
SHA256

26087b260f16e2f127e28d8bf3ec7cab81621dde617609ad4bdabd4972064349
SHA512

ec3f1b83ea4cb879571af507ecabbd8b922660aaecd02edcbfdb1e79085d37c275dc9781a08a40510b3a2f1ad4a77ff54500539ae09d5c75c3739f6e58f43802
SSDEEP

1536:6aCyQzahONXDlTKKOVZ3cbLtuUI29+xn5MOZbV7cfabPakMJrF:vCyzstK/ZsPth+xbBqiWkArF

Score

10^/10

1474623994_99 redline

Malware Config

Extracted

Family

redline

Botnet

1474623994_99

C2

allbek.es:28786

Attributes

auth_value
dc9cea2484b65da8bd62583527966114

Signatures

Redline family
redline

Files

2008-55-0x0000000000400000-0x0000000000444000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy