Overview

overview

10

Static

static

40073a62aa...98.exe

windows7_x64

10

40073a62aa...98.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    4294178s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20220310-en
  • submitted
    12-04-2022 15:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    40073a62aad20fcaf8226d3ed7b7dd98.exe

  • Size

    367KB

  • MD5

    40073a62aad20fcaf8226d3ed7b7dd98

  • SHA1

    c50ea827a4e6695594580a562cfd8fd31630de90

  • SHA256

    bf443e407476f3c013f106bb2ffc7540dac5dc5badd162b9574f13fa500604ce

  • SHA512

    6f98ea608485b6cde18b1b16d0ef7820f0f5d27d70e5b68ba170675a5f5f6c8e10098caf1799c8e3d54be01e02c8536981c322025b79118d6b0b7fee9935adb7

Score
10/10
redline50discoveryinfostealerspywarestealer

Malware Config

Extracted

Family

redline

Botnet

50

C2

193.106.191.153:23196

Attributes
  • auth_value

    8735fcb130c82dd9d353478678d60bde

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\40073a62aad20fcaf8226d3ed7b7dd98.exe
    "C:\Users\Admin\AppData\Local\Temp\40073a62aad20fcaf8226d3ed7b7dd98.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2012

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2012-54-0x0000000000638000-0x0000000000662000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2012-55-0x0000000000638000-0x0000000000662000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2012-56-0x0000000000230000-0x0000000000267000-memory.dmp

    Filesize

    220KB

    Download

  • memory/2012-57-0x0000000000400000-0x0000000000484000-memory.dmp

    Filesize

    528KB

    Download

  • memory/2012-58-0x0000000001F30000-0x0000000001F60000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2012-59-0x0000000002080000-0x00000000020AE000-memory.dmp

    Filesize

    184KB

    Download

  • memory/2012-60-0x0000000004A94000-0x0000000004A96000-memory.dmp

    Filesize

    8KB

    Download