redline | 1112-55-0x0000000000400000-0x0000000000444000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1112-55-0x...ry.exe

windows7-x64

1112-55-0x...ry.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1112-55-0x0000000000400000-0x0000000000444000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1112-55-0x0000000000400000-0x0000000000444000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1112-55-0x0000000000400000-0x0000000000444000-memory.dmp
Size

272KB
MD5

ae283ff9311835850447b5cc40d370f5
SHA1

2310f96fc76c6b8dd7fb1ce07e9f23eaae188ca2
SHA256

a2cd4f518de13f9adc3d6149b54dd252748c55b6686973f3b22441fbf93f6631
SHA512

3ee7772129ec551e88daf1592549e8654bd95bcdcd81298c263d3c21135f90f1373bc3429a99cfd5c797abb0ee78b2e4cf88ca64d67dbaf7a796fb2731c99c9d
SSDEEP

1536:1aHbQzahOlfPBrK0/S/h+Y5hRSeIOV59MghbV7I/Ci0GkMJrh:YHbzoVK5+uRb7JeqMkArh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

37.220.87.13:48790

Attributes

auth_value
d4296b013e677361c5ae4bac05054d5b

Signatures

Redline family
redline

Files

1112-55-0x0000000000400000-0x0000000000444000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy