redline | 2800-205-0x0000000000400000-0x0000000000430000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2800-205-0...ry.exe

windows7-x64

2800-205-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2800-205-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2800-205-0x0000000000400000-0x0000000000430000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

2800-205-0x0000000000400000-0x0000000000430000-memory.dmp
Size

192KB
MD5

379ff572ad9e03f84b133ee009a2e821
SHA1

ee98068f1e0f2d2d403da9bc034f836e30bccecc
SHA256

db58f19017f13062a3de821d5542309854f17ef2dc2e41d582e85b2462e49b75
SHA512

71720a13ccd4099e8c3020c458da67e71db6fe320cc33df1f031299f913b80bbbebeca5f8f5966fa1c82c8455fd41d8a77783f21593083360f50a52229d67043
SSDEEP

3072:cqaym74qpXtmOnJjBawT253uaxfKfVvXgDOL3DlpPL0F0JCb3O3Cb3hj5jUj5j0Q:vsfDfBLh

Score

10^/10

redline

Malware Config

Extracted

Family

redline

C2

37.220.87.13:40676

Attributes

auth_value
d3fd69d54585690dab342d231923ffd6

Signatures

Redline family
redline

Files

2800-205-0x0000000000400000-0x0000000000430000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy