redline | 920-55-0x0000000000400000-0x000000000042E000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

920-55-0x0...ry.exe

windows7-x64

920-55-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

920-55-0x0000000000400000-0x000000000042E000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

920-55-0x0000000000400000-0x000000000042E000-memory.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

920-55-0x0000000000400000-0x000000000042E000-memory.dmp
Size

184KB
MD5

75305074fa77476ac5b3f2ce89bd89bb
SHA1

063ef693b6da16a90e917733054b76a398f1eae3
SHA256

7afecbe6308df05be00863e8146870320de98880073f7f3e518f57d89a33a879
SHA512

9900bb38f286f7ec7b70f1db2be3b3dd1d99ab86f29c36760111ceafcd6a1fb904468b0ebf66b4ae49346fd034d6ee5142a046443fded255ef07083c9ef223bd
SSDEEP

3072:Y7s23Cikpu5HnqVs3ZWUcsnA66j8e8hs:Y7s2Fk2fcsnA66j

Score

10^/10

lux1 redline

Malware Config

Extracted

Family

redline

Botnet

lux1

C2

176.123.9.142:14845

Attributes

auth_value
b1b98d832c653f467fcd3037f7f368b0

Signatures

Redline family
redline

Files

920-55-0x0000000000400000-0x000000000042E000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy