Behavioral task: behavioral1
Sample: 2340-54-0x00000000002A0000-0x00000000002D0000-memory.exe
Resource: win7-20230703-en
General
Target: 2340-54-0x00000000002A0000-0x00000000002D0000-memory.dmp
Size: 192KB
MD5: c6a506103d4707d42b49ba1d5a8f9ae8
SHA1: 5bb4d4608af295f1ec03a025cda67d093227053c
SHA256: dbf4737fa5dab00f28f25c3914e9d37f998547462e4411ab9032043ee61248b1
SHA512: 70a3f9ac9fed6666583d492c84c4d33f8d2109197cf8938223656ceadf6ff8545a2d23a8db77dbe0477efb4c8f4417b38b14cdc75f38291382a7213e0fc777e0
SSDEEP: 1536:/I3qDrnv36sv0W7ToK64rH1dXhQLnuVIg9BHixNNVYQbxbuwH3oKd1z50GkRy8eL:wQ7dlhdCLnKLBHixN0I3441z598e8he
Malware Config
Extracted
redline
@salamalexus55rus
vikaneleneer.shop:80
auth_value: c53202fcbffd00597ecbbd70ebe4d497
Signatures
Redline family
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2340-54-0x00000000002A0000-0x00000000002D0000-memory.dmp
Files
2340-54-0x00000000002A0000-0x00000000002D0000-memory.dmp.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ