Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    289s
  • max time network
    303s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07/07/2023, 22:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    l2719538.exe

  • Size

    257KB

  • MD5

    fab15e37c7eabd044a407eaeae31089c

  • SHA1

    df4600ec5ef554b180a7a16173b14794560613bc

  • SHA256

    3afa57a5f8d726a3fd5b81e004453cda66743aa5ae32f224678fb69512c7bc9d

  • SHA512

    cd44f63163f927413238c0f8da5763eb74ddd1a3d4540932ec0e339e4a85c23a7fefb1fefe3290bca9ecdd68d2792d31e7d20e4dd8db5e4dd114ff987c85e60f

  • SSDEEP

    6144:H8iIKVp+ly2WtzH7NrIrBJjvft5LZFL92hUPEIW:H8iI4IYR0vfjZZ92hU

Score
10/10
redlinefurodinfostealer

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes
  • auth_value

    d2386245fe11799b28b4521492a5879d

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\l2719538.exe
    "C:\Users\Admin\AppData\Local\Temp\l2719538.exe"
    1⤵
      PID:4852

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/4852-117-0x0000000000520000-0x0000000000550000-memory.dmp

            Filesize

            192KB

            Download

          • memory/4852-121-0x0000000000A00000-0x0000000000A06000-memory.dmp

            Filesize

            24KB

            Download

          • memory/4852-122-0x0000000004CA0000-0x00000000052A6000-memory.dmp

            Filesize

            6.0MB

            Download

          • memory/4852-123-0x00000000052B0000-0x00000000053BA000-memory.dmp

            Filesize

            1.0MB

            Download

          • memory/4852-124-0x0000000002760000-0x0000000002772000-memory.dmp

            Filesize

            72KB

            Download

          • memory/4852-125-0x0000000004C90000-0x0000000004CA0000-memory.dmp

            Filesize

            64KB

            Download

          • memory/4852-126-0x0000000002780000-0x00000000027BE000-memory.dmp

            Filesize

            248KB

            Download

          • memory/4852-127-0x00000000053C0000-0x000000000540B000-memory.dmp

            Filesize

            300KB

            Download

          • memory/4852-128-0x0000000004C90000-0x0000000004CA0000-memory.dmp

            Filesize

            64KB

            Download