redline | 612b21e2d9198d8e8bf72e631ed1c7ed5c529dc74d8c61d5129178691504b8d7

Analysis

max time kernel
142s
max time network
148s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
27-03-2023 17:03

Target

0x00080000000122ea-1062.exe
Size

175KB
MD5

ebbda5513113423edaa258505416fbaf
SHA1

e13b0f35cdb2ed8f6beb5e4fbc638f2c32a353d9
SHA256

612b21e2d9198d8e8bf72e631ed1c7ed5c529dc74d8c61d5129178691504b8d7
SHA512

4139b39875efafe9e1297335f9f07fbe50c054ee77a4fc64bfb3f095c41f1b8d191bdf0cec22c0e6e0eb0a2343e42a62406b88bcfaf4f9ee8edaba16346ac40d
SSDEEP

3072:0xqZWXragQx+/QpeUyUwUeRH93h2jxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jM:KqZWQpeTnP3h

Score

10^/10

Family

redline

Botnet

gong

193.233.20.33:4125

Attributes

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

C:\Users\Admin\AppData\Local\Temp\0x00080000000122ea-1062.exe
"C:\Users\Admin\AppData\Local\Temp\0x00080000000122ea-1062.exe"
1⤵
PID:1132

memory/1132-54-0x0000000000EA0000-0x0000000000ED2000-memory.dmp

Filesize
200KB

Download
memory/1132-55-0x0000000004C90000-0x0000000004CD0000-memory.dmp

Filesize
256KB

Download
memory/1132-56-0x0000000004C90000-0x0000000004CD0000-memory.dmp

Filesize
256KB

Download