redline | 5d928481d560c92fd75ab0c2753a3658919eb148a1e53b1ea2b14246c6ed3eb1 | Triage

Submit
Reports

Overview

overview

Static

static

0x00090000...78.exe

windows7-x64

0x00090000...78.exe

windows10-2004-x64

Analysis

max time kernel
137s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
23/05/2023, 19:44

Sharing

Copy URL Twitter E-mail

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x0009000000012302-78.exe

Resource

win7-20230220-en

redline diza infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x0009000000012302-78.exe

Resource

win10v2004-20230220-en

redline diza infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0x0009000000012302-78.exe
Size

145KB
MD5

fe2d269d2d2dc99dbaaa03a12b9697d1
SHA1

2772b106d4694301cbd9c9b69f86c2f1867c8aa9
SHA256

5d928481d560c92fd75ab0c2753a3658919eb148a1e53b1ea2b14246c6ed3eb1
SHA512

362fe0f737b5ce4840eda67545a3b7006baa5589edbc5adefe1fcd98fb12eedaa44e1d86fda764d88724d5291cd0589f7f7ac380dd6809f204ad7f06eee670a3
SSDEEP

3072:vV+m5cVQmRSx9WCEkEhPW67V8BjVhtZN8e8ht:vj4oihwlVht3

Score

10^/10

redline diza infostealer

Malware Config

Extracted

Family

redline

Botnet

diza

C2

185.161.248.37:4138

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\0x0009000000012302-78.exe
"C:\Users\Admin\AppData\Local\Temp\0x0009000000012302-78.exe"
1⤵
PID:4020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4020-133-0x0000000000F60000-0x0000000000F8A000-memory.dmp

Filesize
168KB

Download
memory/4020-134-0x0000000005E60000-0x0000000006478000-memory.dmp

Filesize
6.1MB

Download
memory/4020-135-0x00000000059D0000-0x0000000005ADA000-memory.dmp

Filesize
1.0MB

Download
memory/4020-136-0x0000000005900000-0x0000000005912000-memory.dmp

Filesize
72KB

Download
memory/4020-137-0x0000000005990000-0x00000000059CC000-memory.dmp

Filesize
240KB

Download
memory/4020-138-0x0000000005940000-0x0000000005950000-memory.dmp

Filesize
64KB

Download
memory/4020-139-0x0000000005940000-0x0000000005950000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy