redline | b97cd66f94bb7c82e6e8158675293aaf[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b97cd66f94bb7c82e6e8158675293aaf.bin
Size

120KB
MD5

b97cd66f94bb7c82e6e8158675293aaf
SHA1

17e59b6c9373ef955df878bdfc775c850d4c0857
SHA256

ed3d13c8e3379f812384ec6b85aa9b9da127f0529a0951b0c647db4d9a7f8d8b
SHA512

e499acc9c660a59351fb714ac7490d7cf2dcbcd495afce0b2eb0635795b6799c9ea82d58088207ac44c04a21650d18caf8f77e6c30b0e6cc3aefa6bdd5a44f04
SSDEEP

3072:L3HcjBPe7NerE+CrFkDSuOkZDcXiqEqVRI:LeGKDRAX1

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b97cd66f94bb7c82e6e8158675293aaf.bin

Files

b97cd66f94bb7c82e6e8158675293aaf.bin
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ