redline | 045b2556b99cfd43adb5437e4216a95b3ae7d0d74d6ca899959c6ee0d8a5509e[.]zip

Resubmissions

08/05/2023, 15:21

230508-srjjdsda8x 10

08/05/2023, 15:16

230508-snmfwada7s 10

Sharing

Copy URL Twitter E-mail

General

Target

045b2556b99cfd43adb5437e4216a95b3ae7d0d74d6ca899959c6ee0d8a5509e.zip
Size

64KB
MD5

2058470e8eaf941da0d1f71ec107a944
SHA1

db7948bc34dface9bb7efb96996124d1186cbeb9
SHA256

b0e0db4304e6e302db9923ed82faa1d1c3b7907187a08d6352d6908168d1d7cb
SHA512

dbe35baa169f81a7f38711cdeee997904b467af64ee1237c11d27cf986ecfe9cb2ab19fa1fbd9333c93b43f6837a669d86388709188bb29d2fb85e245f61a05c
SSDEEP

1536:tK+JOJVDokrqrbGXkOiAZCberAcu1Kc60ngw0UBTGArbciZDXD:trMJVNOvG2irhWJpgwRTPbciZDD

Score

10^/10

lipo redline

Malware Config

Extracted

Family

redline

Botnet

lipo

217.196.96.101:4132

Attributes

auth_value
3183df2d03b17daa3c5ecc95e60086a5

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/045b2556b99cfd43adb5437e4216a95b3ae7d0d74d6ca899959c6ee0d8a5509e

Files

045b2556b99cfd43adb5437e4216a95b3ae7d0d74d6ca899959c6ee0d8a5509e.zip
.zip

Password: infected
045b2556b99cfd43adb5437e4216a95b3ae7d0d74d6ca899959c6ee0d8a5509e
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: infected

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 128KB - Virtual size: 127KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 128KB - Virtual size: 127KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 12B