redline | 06597499[.]dmp | Triage

Sharing

General

Target

06597499.dmp
Size

192KB
MD5

8fdbd0b6248a29be4fd99a1b8a259129
SHA1

36d0cb031118b743c7c1cca45c4918ebb5d42c39
SHA256

dce4d766677b9231de634b70248fc0ced50c4736e61da6f9e0fd7c8991b667b7
SHA512

e6e9fcbdfeb77603ff5c36fc70fe1c2b3d8e27ba6ab33eacbf83fade8fb70a293788eb50c11218108d26cf6ce210b701aba6fd862bafd10362b4300175573115
SSDEEP

3072:29tDiwyqSVghBGfAGtTjxNKifvWPxnb8e8hy:WibuhM5ZmnPxnb

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06597499.dmp

Files

06597499.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ