redline | 1672-54-0x0000000000DB0000-0x0000000000F6A000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1672-54-0x0000000000DB0000-0x0000000000F6A000-memory.dmp
Size

1.7MB
MD5

43c0adc96a5becd9e9b41f4b64200ab2
SHA1

e11c3620c7331bf2036e1e4930729e1c733b6d8c
SHA256

58dadbda271b5ea681012db6f6cafe6ded96fd434e276dc7959e0efb58f9a00c
SHA512

a39f7071b702d799fc6e1c815e4fd5869bf3cad90afe83b42d7292b3eb8af044f15c9b5658b3c77c9a1cad51f9f7f9e38376d3ea140155df6887a2d0dd8c68c0
SSDEEP

3072:ink3PfO4wLEx47rWlpC8dnbu8IsUaqabvsdmreNcZZgKjNWgurm90NU0HIYgafJt:Qqmpgx4608dS8daNcZWKHclAbE

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1672-54-0x0000000000DB0000-0x0000000000F6A000-memory.dmp

Files

1672-54-0x0000000000DB0000-0x0000000000F6A000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.AllIn
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_MEM_READ

.AllIn
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_MEM_READ

.AllIn
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_MEM_READ