redline | da9694384b9dcff2d1408ae9ba6cc6939b5d94bcde0c5e4b5493d97733909032 | Triage

Submit
Reports

Overview

overview

Static

static

0x00070000...78.exe

windows7-x64

0x00070000...78.exe

windows10-2004-x64

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
19-05-2023 19:22

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x0007000000015c52-78.exe

Resource

win7-20230220-en

redline dream infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x0007000000015c52-78.exe

Resource

win10v2004-20230221-en

redline dream infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0x0007000000015c52-78.exe
Size

145KB
MD5

9fdf2a9915b07a16a2da9f8cd5e9db69
SHA1

7c9a287297d6b0aafaf196e67956dc03e4ca96c3
SHA256

da9694384b9dcff2d1408ae9ba6cc6939b5d94bcde0c5e4b5493d97733909032
SHA512

37b6a3c8a3c5f00c13392c00b5464ab2673f3c1459f7a67d571ebb67657546483bfb66e7de676e6d22fa1a30067f118661e2757903dab76cc278682909c277f3
SSDEEP

3072:sV+m5c/QmRSNY7WKA7vGJv3xnhMZx8e8hp:sj2BUanhMb

Score

10^/10

redline dream infostealer

Malware Config

Extracted

Family

redline

Botnet

dream

C2

77.91.68.253:4138

Attributes

auth_value
7b4f26a4ca794e30cee1032d5cb62f5c

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\0x0007000000015c52-78.exe
"C:\Users\Admin\AppData\Local\Temp\0x0007000000015c52-78.exe"
1⤵
PID:1012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1012-133-0x00000000002D0000-0x00000000002FA000-memory.dmp

Filesize
168KB

Download
memory/1012-134-0x00000000051C0000-0x00000000057D8000-memory.dmp

Filesize
6.1MB

Download
memory/1012-135-0x0000000004D40000-0x0000000004E4A000-memory.dmp

Filesize
1.0MB

Download
memory/1012-136-0x0000000004C70000-0x0000000004C82000-memory.dmp

Filesize
72KB

Download
memory/1012-137-0x0000000004CD0000-0x0000000004D0C000-memory.dmp

Filesize
240KB

Download
memory/1012-138-0x0000000004FF0000-0x0000000005000000-memory.dmp

Filesize
64KB

Download
memory/1012-139-0x0000000004FF0000-0x0000000005000000-memory.dmp

Filesize
64KB

Download

© 2018-2024

Terms | Privacy