redline | 3008-47-0x0000000000400000-0x000000000051B000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3008-47-0x0000000000400000-0x000000000051B000-memory.dmp
Size

1.1MB
MD5

9b998069a3143afad5c0003dfb3f664c
SHA1

eb58fb5938892ead08a511c6e6f35215afefd635
SHA256

9a02b326562673c1bef64131bed4c05d58c5675b38c566d1fd301a9e7d3542d3
SHA512

99836df60863699967f35019ee8d631cbf4563b10ccc87707265aeef294f1160c6b3344c245d419dfa06209d05baadceb0b41c499a0ea3fbd7a96ec45f1f42ef
SSDEEP

24576:iezc8Lo3AcFsYKtHwU0h/rBdfuOEY7PvDslak95lq:O8LZ+1jLwlL95Y

Score

10^/10

redline

Malware Config

Signatures

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3008-47-0x0000000000400000-0x000000000051B000-memory.dmp

Files

3008-47-0x0000000000400000-0x000000000051B000-memory.dmp
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cSs
Size: 873KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ