Analysis
max time kernel: 146s
max time network: 155s
platform: windows7_x64
resource: win7-20220414-en
submitted: 26-06-2022 05:23
Static task: static1
Behavioral task: behavioral1
Sample: c3e6c23a4b4db043.exe
Resource: win7-20220414-en, windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: c3e6c23a4b4db043.exe
Resource: win10v2004-20220414-en, windows10-2004_x64
0 signatures
0 seconds
General
Target: c3e6c23a4b4db043.exe
Size: 1.3MB
MD5: b9e6d401a63b2ed2a60380307506edb8
SHA1: be0ec6271f20578ffb2523a8b5c2d3fbf07949e5
SHA256: 50fe97e2ed07a016233860ededd36e47c077857d2b14b919a21a5f892a432ea3
SHA512: a0a853b292d2c2ab838c83234756c89c719c2b37ecdebb650f15fb1ef86bbda3d1ee1f3c3c596e9ef27e687b15bc3a40bbce7b66b5919366f0f7bbfb18219fae
Score: 10/10
Malware Config
Extracted
Family: redline
Botnet: 76
C2: 139.99.32.83:43199
Attributes
auth_value: 44d461325298129ed3c705440f57962c
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine Payload 1 IoCs
Processes:
resource: behavioral1/memory/1992-55-0x0000000000AB0000-0x0000000000AD0000-memory.dmp
yara_rule: family_redline