redline | 1720-253-0x0000000000740000-0x00000000008BD000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1720-253-0x0000000000740000-0x00000000008BD000-memory.dmp
Size

1.5MB
MD5

21d62a93fbf9e9bbaee2bf6ad65cc01a
SHA1

377e75d9f5b554e287c318b805a69c2553d2909d
SHA256

852d4ad6c65748fed6ff808bdff355dfe8251d707b8bb2bd8f1dfc5d16746c91
SHA512

69abcf332ba56dfb5a235fc419807685757f549a0c3019f37e16ece02bdce74c727405ae6893ec58bfc6e896e53908e07c96b8261738909a64662e8d2b048cac
SSDEEP

12288:2lKt16i0PElB4ZQc3v3q0hEa87xk6uhNZ6D35OGO0Gu/NbH:h2l3v3qW8eh6LcW/NbH

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1720-253-0x0000000000740000-0x00000000008BD000-memory.dmp

Files

1720-253-0x0000000000740000-0x00000000008BD000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BBB
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.Right
Size: 684KB - Virtual size: 683KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE