Analysis
- max time kernel: 65s
- max time network: 135s
- platform: windows10_x64
- resource: win10v20210408
- submitted: 14-10-2021 07:01
Static task: static1
Behavioral task: behavioral1
Sample: f0b5a7fe9f593ebdfa51aa578f0080a3fd8d8078563b044051bb6832fa1cf739.exe
Resource: win10v20210408 (windows10_x64)
0 signatures
0 seconds
General
- Target: f0b5a7fe9f593ebdfa51aa578f0080a3fd8d8078563b044051bb6832fa1cf739.exe
- Size: 379KB
- MD5: 771773a77fb22faef478d4ba55c70b8a
- SHA1: bead39600336ddad304e3626e2b444d489c07ef4
- SHA256: f0b5a7fe9f593ebdfa51aa578f0080a3fd8d8078563b044051bb6832fa1cf739
- SHA512: 435bae9ffad982d9ebf8e842722665658ba455a38024f03057e83b215ce430a95bd95d7b4d69e08cab7b24632ef5b0a65c3f0e584c696da38ae4425b3bb35831
Score: 10/10
Malware Config
Signatures
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload (2 IoCs)
  Processes:
  resource: behavioral1/memory/656-117-0x0000000002270000-0x00000000022AF000-memory.dmp, yara_rule: family_redline
  resource: behavioral1/memory/656-119-0x0000000004A70000-0x0000000004AAE000-memory.dmp, yara_rule: family_redline
Downloads