Overview

overview

10

Static

static

mixazed_20...13.exe

windows7_x64

10

mixazed_20...13.exe

windows10_x64

10

Analysis

  • max time kernel
    134s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    23-06-2021 13:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mixazed_20210623-103613.exe

  • Size

    425KB

  • MD5

    5f35fff57131a77552253dd9741d17af

  • SHA1

    f4c66a4ab95e71571cfb8a5f8d69676905cc03a7

  • SHA256

    7402d9920bf54ae1892411899be338b3931d99bb0e8f756096d62999161923bc

  • SHA512

    ec999fd4612f379a30c98c5cb9dec6f419405364f79969bca7200f2b8e0dcf0f570210aba84e5e34fb2d5adbf6d3f968e6942817900d7745b31a8bfbd73faa43

Score
10/10
redlineinfostealer

Malware Config

Extracted

Family

redline

C2

185.215.113.50:43919

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\mixazed_20210623-103613.exe
    "C:\Users\Admin\AppData\Local\Temp\mixazed_20210623-103613.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/500-114-0x0000000000C30000-0x0000000000C4A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/500-115-0x0000000005070000-0x0000000005071000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-116-0x0000000002840000-0x0000000002859000-memory.dmp

    Filesize

    100KB

    Download

  • memory/500-117-0x0000000005570000-0x0000000005571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-118-0x0000000004EF0000-0x0000000004EF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-119-0x0000000004F10000-0x0000000004F11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-120-0x0000000000910000-0x0000000000A5A000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/500-121-0x0000000000400000-0x0000000000908000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/500-122-0x0000000005060000-0x0000000005061000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-123-0x0000000005062000-0x0000000005063000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-124-0x0000000005063000-0x0000000005064000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-125-0x0000000004F70000-0x0000000004F71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-126-0x0000000005C20000-0x0000000005C21000-memory.dmp

    Filesize

    4KB

    Download

  • memory/500-127-0x0000000005064000-0x0000000005066000-memory.dmp

    Filesize

    8KB

    Download