redline | 486a650f41f555ff7b00d2adc0bed6896433304f85db4d889abf3d2fc22e6d55

Analysis

max time kernel
147s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
08-05-2023 15:09

Target

d8dca8c7a38d4270dc174ea97b08b68c4ca949da1d14369ebd9f4abbd6373dbc.exe
Size

106KB
MD5

b7e28e908205d80b3afcf1cfa18ee768
SHA1

da826631e490726dae784f592da43176d60b4bc3
SHA256

d8dca8c7a38d4270dc174ea97b08b68c4ca949da1d14369ebd9f4abbd6373dbc
SHA512

acc9f19100280f0173d8eed04dcd5970c48bdf684b6d11e88196f80e5975334d010ad63597c1c289ba054430abfd02975fe95cca78a735fe69fe46702f2736b5
SSDEEP

1536:gRxckCrfQ2IxAHcGhZPHPt98xrdUXcl2IFWyPfcHLBGcGwKbuZuwrslQ0wuei6C3:KCrfQAVbWdpfcHA/qwlQhY3

Score

10^/10

Family

redline

49.12.47.66:27973

Attributes

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 1 IoCs

resource	yara_rule
behavioral2/memory/4364-133-0x00000000006B0000-0x00000000006D0000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\d8dca8c7a38d4270dc174ea97b08b68c4ca949da1d14369ebd9f4abbd6373dbc.exe
"C:\Users\Admin\AppData\Local\Temp\d8dca8c7a38d4270dc174ea97b08b68c4ca949da1d14369ebd9f4abbd6373dbc.exe"
1⤵
PID:4364

memory/4364-133-0x00000000006B0000-0x00000000006D0000-memory.dmp

Filesize
128KB

Download
memory/4364-134-0x00000000055F0000-0x0000000005C08000-memory.dmp

Filesize
6.1MB

Download
memory/4364-135-0x0000000005050000-0x0000000005062000-memory.dmp

Filesize
72KB

Download
memory/4364-136-0x0000000005180000-0x000000000528A000-memory.dmp

Filesize
1.0MB

Download
memory/4364-137-0x00000000050B0000-0x00000000050EC000-memory.dmp

Filesize
240KB

Download
memory/4364-138-0x00000000053D0000-0x00000000053E0000-memory.dmp

Filesize
64KB

Download
memory/4364-139-0x00000000053D0000-0x00000000053E0000-memory.dmp

Filesize
64KB

Download