Behavioral task
behavioral1
Sample
1980-0-0x0000000000220000-0x0000000000250000-memory.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
1980-0-0x0000000000220000-0x0000000000250000-memory.exe
Resource
win10v2004-20230915-en
General
-
Target
1980-0-0x0000000000220000-0x0000000000250000-memory.dmp
-
Size
192KB
-
MD5
015970981711ca04552ebc88d96ee095
-
SHA1
fcaf243bdc72a133068a0c4027f5baee1e0cf7f7
-
SHA256
5d76f8a8725823f2fc4fdaf8f79ae4ef6db25d18326b90db4ccdcb106e557eac
-
SHA512
4843765fe5086f9e2e75dcb5bb0215caca2a2c54787d63177c403426737401c09abf52c6b667c3fa5263ad195f8d3a1f5efdd1be0d01a9eeee852d1ab7f6f77b
-
SSDEEP
3072:gpO9UfEyWI0VqADsOfrhA2iWtAT4QE0kMIXYchPFtnYJH8e8h1:gpO9yWI0VqADdrQE0lchPFtnYB
Malware Config
Extracted
redline
@lightzee361
vikaneleneer.shop:80
-
auth_value
1c3c5d1241b4c1d5baf83287cc9901e9
Signatures
-
Redline family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1980-0-0x0000000000220000-0x0000000000250000-memory.dmp
Files
-
1980-0-0x0000000000220000-0x0000000000250000-memory.dmp.exe windows:4 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 134KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ