Overview

overview

10

Static

static

3

n9918392.exe

windows7-x64

10

n9918392.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    59s
  • max time network
    64s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/05/2023, 06:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    n9918392.exe

  • Size

    284KB

  • MD5

    457a35098be294881c036472c391c0ab

  • SHA1

    50c35326a8372bd7b082cee8f499e61d19805132

  • SHA256

    e444c1e464196100d6476c59d135b299d1ad637b184e1403e08181de344df4c6

  • SHA512

    c4f4f2155a94815ad893490c9e5c65010acf88bad89bcb5460fa7232b835ddb7f87f0db2c9eb67760564427d124a542560acee4f0493bda08dfaefdda85f1051

  • SSDEEP

    6144:/DKW1Lgbdl0TBBvjc/EeXu1UTss/05OFHm9I:bh1Lk70TnvjcseXSO0I

Score
10/10
redlineinfostealer

Malware Config

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 33 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\n9918392.exe
    "C:\Users\Admin\AppData\Local\Temp\n9918392.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5036

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/5036-133-0x0000000004B60000-0x0000000005104000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/5036-134-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-135-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-136-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-137-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-138-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-140-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-142-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-144-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-146-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-148-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-150-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-152-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-154-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-156-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-158-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-160-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-162-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-164-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-166-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-168-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-170-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-172-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-174-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-176-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-178-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-180-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-182-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-184-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-186-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-188-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-190-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-192-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-194-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-196-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-198-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-200-0x0000000002690000-0x00000000026CC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-1045-0x00000000051B0000-0x00000000057C8000-memory.dmp

          Filesize

          6.1MB

          Download

        • memory/5036-1046-0x0000000005850000-0x000000000595A000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/5036-1047-0x0000000005990000-0x00000000059A2000-memory.dmp

          Filesize

          72KB

          Download

        • memory/5036-1048-0x00000000059B0000-0x00000000059EC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/5036-1049-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-1050-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-1051-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-1052-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download

        • memory/5036-1053-0x00000000023F0000-0x0000000002400000-memory.dmp

          Filesize

          64KB

          Download