redline | 9f5f9e5ba636fdea5ddece4718c97ac619d0e4f135ae2a1e3da0a8886aa8efc2 | Triage

Analysis

max time kernel
120s
max time network
119s
platform
windows7_x64
resource
win7-en-20210920
submitted
14-10-2021 06:14

Sharing

Report Analysis Logs

General

Target

4058a27cf325710ab5a9020fe95e57f7.exe
Size

797KB
MD5

4058a27cf325710ab5a9020fe95e57f7
SHA1

975563bdd270c6a3ff2fd7f6befdfb31d7cecc5f
SHA256

9f5f9e5ba636fdea5ddece4718c97ac619d0e4f135ae2a1e3da0a8886aa8efc2
SHA512

df18aecac0ca2e42e621c36e789c7bcb44a11cf200e632dd9d526c5e3a2e26a500a705d5b09a0053fe606547b33e138d90cfeeac8f95f5b203757ea3177319ea

Score

10^/10

redline infostealer

Malware Config

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine Payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1272-54-0x00000000004D0000-0x0000000000501000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\4058a27cf325710ab5a9020fe95e57f7.exe
"C:\Users\Admin\AppData\Local\Temp\4058a27cf325710ab5a9020fe95e57f7.exe"
1⤵
PID:1272

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1272-54-0x00000000004D0000-0x0000000000501000-memory.dmp

Filesize
196KB

Download