redline | 1580-60-0x0000000006270000-0x00000000062B0000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1580-60-0x0000000006270000-0x00000000062B0000-memory.dmp
Size

256KB
MD5

2fef01093df006ad117628f08cacf8c1
SHA1

a215d447d4ed89edaea361c7546e0ea0d5d3da4f
SHA256

7142d8252344c593ccc5991b912ee178dee86e0ba649731e432a6a8f775c913b
SHA512

c4001700d267d85d95ade63754194a28bb3ff2a2f8e215c98bcfbfddeee39bb055d1c85ef78b190fb4f108a89739fde4d86d40fa1fb80a49072b1a1a2a7a4f2a
SSDEEP

3072:Rd8vs69J56kC75iEd5b2B6lZsU8BOl2a/N4+khzu68e8hRr1d8vsq:8vs6kkC7zBcjBOl2CNgi6Jvsq

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1580-60-0x0000000006270000-0x00000000062B0000-memory.dmp

Files

1580-60-0x0000000006270000-0x00000000062B0000-memory.dmp
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ