Behavioral task
behavioral1
Sample
0x00070000000231dc-171.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
0x00070000000231dc-171.exe
Resource
win10v2004-20230703-en
General
-
Target
0x00070000000231dc-171.dat
-
Size
177KB
-
MD5
3bb9b9a9b31225e19f6440c482e09a6c
-
SHA1
c423c71e0c51ca3345796727c8a1e58086ccfd1c
-
SHA256
c80d27becdc8749867d29a0c22382faeca369ae6ce97f59f55c9db28e45b18c3
-
SHA512
5de8567a9cfd85b27fb2929e9d9814e29b048de30ce8cc9ad1bb676c5e70683cf37e5b9df50b71b811359a032c043e2ddec4a0e99d625bc2941f0bc6482bc775
-
SSDEEP
3072:b5fB8CH2R16klxNtmud8q6msW+/8e8hrXO:bF5kbjV6msW+/
Malware Config
Extracted
redline
maxik
77.91.124.156:19071
-
auth_value
a7714e1bc167c67e3fc8f9e368352269
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0x00070000000231dc-171.dat
Files
-
0x00070000000231dc-171.dat.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ