redline | 1932-67-0x0000000000400000-0x00000000006E0000-memory[.]dmp | Triage

Sharing

General

Target

1932-67-0x0000000000400000-0x00000000006E0000-memory.dmp
Size

2.9MB
MD5

4f14fea4b494ead8f9a09d2b82eb0bd2
SHA1

ec8c54346c42ad65738e7a76ff08707a9bdd2644
SHA256

af74a136956e66d1cd09d482bd1f2b4fd18576d97585c6232bb2a84449093c7d
SHA512

fa7ee36964c608b952c7b6148018887373152a5ca20367318c19d329d4ce8358b2c65fd3661122755fb63de473cc437df371036217510f669bf044dcf71ce8b1
SSDEEP

6144:QugyX+qCWgBuYJBRSd5WMxdLmq/cQnAOROkO4Jg7DZtzki9bFDU:QupOqCWgwYJCdZ/Hn3XOK8DZtzki9bd

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1932-67-0x0000000000400000-0x00000000006E0000-memory.dmp

Files

1932-67-0x0000000000400000-0x00000000006E0000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zdata
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE