Aug23-sam-redline[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Aug23-sam-redline.zip
Size

353KB
MD5

dbe76bcc50209f69e4e37899cc98cb9c
SHA1

04ae51f9c0dc4be3c85b6bf318027c48ea83b795
SHA256

e996c3c6f8ba669289628077972730e970f10e6a61273d9260df05485cc93b85
SHA512

fab43593e93873eda225c806dd9d8e7e9036133547f5714017a1437eb159ee93b4242e70cd236dc25c016b8c154518bbf4b9eadd3993bfbf26ffe4fd3df705ac
SSDEEP

6144:bEGiw6SmsFfQN0Nf3eUsvJzWELe2IN2KrbeCdGr3J5IYYIWlafA4yDBHr6ceNpHv:bEw6SmT0NfOUsvJaIe92M/Gr55IYYIW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b356572b26cd514de3462a3d9efd06b06f92d16f627860a0e39124c61250dd12

Files

Aug23-sam-redline.zip
.zip

Password: infected
b356572b26cd514de3462a3d9efd06b06f92d16f627860a0e39124c61250dd12
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ