redline | c0ab39054c03e8ca29471f224debce53[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0ab39054c03e8ca29471f224debce53.bin
Size

560KB
MD5

c0ab39054c03e8ca29471f224debce53
SHA1

14757bf84c7796961372237c5f6fc154e2865f9b
SHA256

8311792cb2183d0fa0407177f12e9040bc77f9d32e9abbb2325cef8320d076fb
SHA512

9a791ce47630bacb9e8aeeb24ff7d7e4d28f70bbb2ccd05dc5596c6f66b62ee10f592d0a68684e45de050fa729eb18144fb5869f765c2a688b36df16182b5270
SSDEEP

12288:15UQzumhyU9W67T4cdyKK0LBR3Rb3ezT/lL4shJULQFvsgHDvSdQNG/QMae:15UQzlLh4cdtKWVJaT/l0shaQFvsgOae

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0ab39054c03e8ca29471f224debce53.bin

Files

c0ab39054c03e8ca29471f224debce53.bin
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Z?R
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.[mj
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ