redline | af026c1eed3244cbf9bfdf45bdec106f[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af026c1eed3244cbf9bfdf45bdec106f.exe
Size

168KB
MD5

af026c1eed3244cbf9bfdf45bdec106f
SHA1

743a0c17f840e512cbfe7ce2804a1fc4b0d222d9
SHA256

33fdb1701881e948a5610d795d9e0c51ec447337afcd648d98dafa3ebed9ec7d
SHA512

5a3d83dd6eddb61c7831f4f6b9dfc8a013b8abee41e10f5f638eb46d734764ec5514d97db45c0fdec4e9ffaabd25c60d3c574cfda69f78a29faa9a46c03744c8
SSDEEP

3072:+d/Yh8pNsj7dkCqVQkQOOUvziaL8e8hY:+ZY0sqCMKUvziaL

Score

10^/10

tgkanal redline

Malware Config

Extracted

Family

redline

Botnet

TGKANAL

C2

95.214.24.238:42000

Attributes

auth_value
b04876ee81d4bd4b9a3e67471799ce66

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af026c1eed3244cbf9bfdf45bdec106f.exe

Files

af026c1eed3244cbf9bfdf45bdec106f.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ