redline | 1972-2292-0x00000000026A0000-0x00000000026D2000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1972-2292-0x00000000026A0000-0x00000000026D2000-memory.dmp
Size

200KB
MD5

a91795d67d1f7b6176c85e6cab4bcb2a
SHA1

60c1dee6f7bc63a5fe0a1b615c58b7a853849072
SHA256

34a715948d20311c81ddbece7f0c65e8585f2894d9c43c3ceefaffe67c716958
SHA512

25e856080045ea5e9921f3fb7eb3522907de2aab643cce1229e14ff02df58407a2a4afb113a744f5859e6d63f495962fa595c66de59c5b708d8b29d2ae8fc125
SSDEEP

3072:ozDdAubgUE4j/HqVkKcO9XnpSN/8e8hBY:ozDOu0UPfw9XnpSN/V

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Files

1972-2292-0x00000000026A0000-0x00000000026D2000-memory.dmp
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ