Behavioral task
behavioral1
Sample
3D89E1EC9506941C75E963107A61FACD15B888FAC63A3.exe
Resource
win7-20230220-en
General
-
Target
3D89E1EC9506941C75E963107A61FACD15B888FAC63A3.exe
-
Size
175KB
-
MD5
7eb2ea9be103b2aaa850d6097e253dd1
-
SHA1
a8b22b57fa472cf8b5cb335578e5556808453c08
-
SHA256
3d89e1ec9506941c75e963107a61facd15b888fac63a3290ae125779c5c9918c
-
SHA512
3a5d7e61ebba11e924a530bfe2d9e4482fe71b556085469345b07043c1dc69ab8cbf591ec91bdd89c6b063eb2f020897bc03f1767d4eb86d83ddf61a2be26673
-
SSDEEP
3072:ExqZWwyaPY9pSsdeT590hiPxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOuw+caT:aqZfsI0h
Malware Config
Extracted
redline
LAST11
iiidsinbjvcsdvbg.top:81
sfghggewfgrthy.top:81
-
auth_value
2fca420c18d79c26f51af3c31915c9fe
Signatures
-
Redline family
Files
-
3D89E1EC9506941C75E963107A61FACD15B888FAC63A3.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ