redline | 6d7b99994dd0f48f5fb1c9522e0403e3[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d7b99994dd0f48f5fb1c9522e0403e3.bin
Size

560KB
MD5

6d7b99994dd0f48f5fb1c9522e0403e3
SHA1

99ae8617f65f4b004579eeb7272f0d9df2de4519
SHA256

7bfe0b8409c50a8ad7a5b533f95216cb0712cf9629314327c8d8ea64d488c792
SHA512

039a936045d40e810361b068a876e18a54671bc1f4f5029b466f94053f146e62c47bd571ac053347fbebd5a6d5c905bf987119dce3beca50bbc7addf0e2abf89
SSDEEP

12288:7dsqWtRiBYdzMbZF+A7LLSHuSYLKTDsQiv+U4BK:7d5CdzMHR3QuSYKBK

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d7b99994dd0f48f5fb1c9522e0403e3.bin

Files

6d7b99994dd0f48f5fb1c9522e0403e3.bin
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.~6v
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.\+k
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ