redline | 3964-133-0x0000000000E90000-0x0000000000FA4000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3964-133-0x0000000000E90000-0x0000000000FA4000-memory.dmp
Size

1.1MB
MD5

54bc4083f6d5e7eeedef786d57588f1d
SHA1

b93d55ba5b37ef6b7970d5b2d8e21c6e33e08820
SHA256

07d24fd456ba173fe1c23b3b565db09e61af804add034c26b432473afe413a6e
SHA512

961cc19a81d1ec99e3064d534dcd6402f092720a8ee3c4b9f6532151125eb53815f4df015a551afed9d5c5b5d81c93224d3ba0acb9a0d2fd1ae7a1c9f0ee25b9
SSDEEP

24576:Er42xQ56OUHp6QD7iuSBgMyYygUI0oyI:oHp6QD7Bj

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3964-133-0x0000000000E90000-0x0000000000FA4000-memory.dmp

Files

3964-133-0x0000000000E90000-0x0000000000FA4000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 728KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 219KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ