redline | 2132-330-0x0000000000E40000-0x0000000000F5B000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2132-330-0x0000000000E40000-0x0000000000F5B000-memory.dmp
Size

1.1MB
MD5

c8d17749a2332a779cfe5a8cfa98c930
SHA1

1d5854651653151345a945613045de6cae023c5d
SHA256

35707679a839e31f944a08062a4741e70918941fe96cc9be025e2426295eabd9
SHA512

d18fed33e55c5594898c9f29441871791e96c4e444292ae56c3a81ab19594b20a6a35a1f9b87c1fd7cc4923614cb3b7131250dcd82ede1cb8ce6a40ab319b97a
SSDEEP

24576:9ZJDFq5EkF4rJuabK85mXuSIe3WzbNgcZwDybysMSq:9ZdkF4rJdbvYz5iNH

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2132-330-0x0000000000E40000-0x0000000000F5B000-memory.dmp

Files

2132-330-0x0000000000E40000-0x0000000000F5B000-memory.dmp
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 674KB - Virtual size: 674KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PUMP
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ