redline | 79d4dc3df252015895e353474a96da78323db0a7c3e50538b7ce1af04f4d502f

Analysis

max time kernel
141s
max time network
149s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 13:17

Target

7c1f606fef562c6c4e04b6a7f.exe
Size

266KB
MD5

7c1f606fef562c6c4e04b6a7f9bfdff1
SHA1

a18c7cbaa8ac9088b1729f9856317d3e1b763b3b
SHA256

79d4dc3df252015895e353474a96da78323db0a7c3e50538b7ce1af04f4d502f
SHA512

736d7866fe13cb6953fbd00f8765ccd351459cf71563cdffe64224cfeeeb8bc95b6879b95fa374709c1dce685e1a928f78ca5d07b1070533c3958956836570b5
SSDEEP

3072:+jM+iOHMwew7+picM/LsVVct+Z7bYH9jqyo/QnfzKX+9MByRtq9Lxfx:4MvOswD7SVVctqoDo/QnfzKv2tq9L

Score

10^/10

Family

redline

Botnet

kira

77.91.68.48:19071

Attributes

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

C:\Users\Admin\AppData\Local\Temp\7c1f606fef562c6c4e04b6a7f.exe
"C:\Users\Admin\AppData\Local\Temp\7c1f606fef562c6c4e04b6a7f.exe"
1⤵
PID:2364

memory/2364-54-0x00000000002B0000-0x00000000002E0000-memory.dmp

Filesize
192KB

Download
memory/2364-58-0x0000000000730000-0x0000000000736000-memory.dmp

Filesize
24KB

Download
memory/2364-59-0x00000000046E0000-0x0000000004720000-memory.dmp

Filesize
256KB

Download