redline | 3396-182-0x0000000000400000-0x0000000000447000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3396-182-0x0000000000400000-0x0000000000447000-memory.dmp
Size

284KB
MD5

e25b3d72915732842beb8a170f6784e6
SHA1

3436ff34139895642a5d889d88605589131064de
SHA256

99a8fee1158c6976cc88e054bc72cf77f075b3c5d7f1c0b75b5bc83887f4f69d
SHA512

bab92556d4c3272afc6d8f08642e59d94766b5e1828c4e0d6432883878f6bdab04b781aeafe71102d313346409a14ab5d87fbdbc8e770dbf39e734a1b4a69ecf
SSDEEP

3072:INViOyi8cwLt7+JgvPMHtDep2rqCnNsZWSZ5GxN8yi8yIHVF+q8e8hOTyPg:2iXizwZ7Nmxdti5ZkvVF+qRy

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3396-182-0x0000000000400000-0x0000000000447000-memory.dmp

Files

3396-182-0x0000000000400000-0x0000000000447000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9yvnoC
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.|3c
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ