redline | 1648-179-0x0000000000CE0000-0x0000000000E5D000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1648-179-0x0000000000CE0000-0x0000000000E5D000-memory.dmp
Size

1.5MB
MD5

5c16d2b2666b57183762bd9139930c92
SHA1

9387c9c626449135be7417337a51a292ac26a69f
SHA256

637a34af419cc6e8f4300adaa5cec6d6dd751e24e845f1b3ceb43b1cea26deba
SHA512

77f4be45608a91ff4bb49443e444d76a0e22879d1db346d0fc11a61b63010008c09964e5e06424a740bf94fd67af4d570a7327c0b5d536ed2d809d72c1d07be6
SSDEEP

12288:wlKxrmra1HQLcq3vPNMEO4guPX1D35OGO0Gu/NbH:ne3vPxNTLcW/NbH

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1648-179-0x0000000000CE0000-0x0000000000E5D000-memory.dmp

Files

1648-179-0x0000000000CE0000-0x0000000000E5D000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BBB
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.Right
Size: 684KB - Virtual size: 683KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE