redline | 03aade56f56059c14d11c5c11b12b9f2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03aade56f56059c14d11c5c11b12b9f2.bin
Size

560KB
MD5

03aade56f56059c14d11c5c11b12b9f2
SHA1

832c2d99cf2c73715691cfca8d19256f0f6efaaf
SHA256

fe63efc430e06282ba3beb23998eadf75a1bba77b824148ca587e7388caa1f8a
SHA512

ae99c40f1d15cc4f41cb19a86e0ce5a0b3fe7689a8fb6ddeae365f99d020f94534bbb9afa40446705782d099452cbc85c8d2b72bceeb4539f9ddd3bab8381989
SSDEEP

12288:1Buh9USrdHMwOS5T0lvI/+am7aFegmydD3KpZlgTXffnv:1Qh9rdHQ8Tp+amj9ydD3KnW/

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03aade56f56059c14d11c5c11b12b9f2.bin

Files

03aade56f56059c14d11c5c11b12b9f2.bin
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.>Tv
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n7)
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ