redline | 1052-56-0x0000000000D70000-0x0000000000DB0000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1052-56-0x0000000000D70000-0x0000000000DB0000-memory.dmp
Size

256KB
MD5

b60b9666b882618d4cc52244c75f6f4c
SHA1

16b21b7ac09367eb6653883419e03ddc245a9c70
SHA256

e8dc2c63888e4c53ed382642d86e1b8c6dd93331a034172e4562f226c3152784
SHA512

fb5d1a589609de1ce0f492f20fb9c8a1e4171455f712db557967a9f9dcc9d817061900ce934780e51a36be02cafe81316dc5a9c5f75efdd6b662e0a24d0d4683
SSDEEP

3072:f8e8h1dDm4qVaeF/ydiL58e8h1V8gf+lgN2+:fYQydiL5g8U+lgNL

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Files

1052-56-0x0000000000D70000-0x0000000000DB0000-memory.dmp
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ