Behavioral task: behavioral1
Sample: adfc6fb3b5e81c02612b8171f0ae2d10.exe
Resource: win7-20230220-en
General
Target: adfc6fb3b5e81c02612b8171f0ae2d10
Size: 174KB
MD5: adfc6fb3b5e81c02612b8171f0ae2d10
SHA1: d3ac18ec81f039c7a61838966b495cb844596997
SHA256: ada48926a62a48b02a596efb0861138e1a301c59b221ea397b040533e2303a68
SHA512: a0837221b15ec9428b474744f4deff5ca034d1638251a7275b9b51ec40a872d70b7ad9f90d12b270d0a46cdf0fb48e15c89e1895a5f48d824dba1c86ee370a6e
SSDEEP: 1536:+uBGlTP+mZP61CEYDmRSxcg4sWVlHx14P6OuQggtoQQGPbuoSImSJy0wuei/lv+6:YV+m5ctQmRSxGOSHRR1GELSshSZXD
Malware Config
Extracted
redline
@crluu7
167.235.158.92:45741
auth_value: 7edd58fa8647e5797eab93a58f7cdd82
Signatures
Redline family
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource adfc6fb3b5e81c02612b8171f0ae2d10
Files
adfc6fb3b5e81c02612b8171f0ae2d10.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_NO_SEH
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
  mscoree
    _CorExeMain
Sections
.text Size: 105KB - Virtual size: 105KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ