redline | 677b2d86491ac8ff179d9fedf454f12194ef5fcf29798a98bdc92df120cc7a74

Analysis

max time kernel
140s
max time network
152s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
16/07/2023, 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c.exe
Size

243KB
MD5

a477e784517edb8205cd457bc48b3815
SHA1

aa5056861b6734362185e3f864832175da0f70b0
SHA256

549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c
SHA512

961ab6cb49e96b473571e4ac64d5a0c870f3ef6047ba5aa48cf4d9b7a8d4d1c0ba0a8d4d2890acc0aec1c8a3e809ed76b35606ed96c92a34255a810d7f3d621d
SSDEEP

6144:BLk847qGHjoltg7qZ0unKBxrDU/xuM466dQeTJ+:Bf6Dcg7qLyrDSxPGdQSA

Score

10^/10

redline logsdiller cloud (telegram: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

147.135.165.22:17748

Attributes

auth_value
c2955ed3813a798683a185a82e949f88

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

C:\Users\Admin\AppData\Local\Temp\549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c.exe
"C:\Users\Admin\AppData\Local\Temp\549049c206798ac82da3d7bf88fec6d324737390070547998c0828b916905d9c.exe"
1⤵
PID:2572

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2572-55-0x00000000005F0000-0x00000000006F0000-memory.dmp

Filesize
1024KB

Download
memory/2572-56-0x0000000000400000-0x00000000004F7000-memory.dmp

Filesize
988KB

Download
memory/2572-57-0x0000000000220000-0x000000000025F000-memory.dmp

Filesize
252KB

Download
memory/2572-59-0x0000000073E40000-0x000000007452E000-memory.dmp

Filesize
6.9MB

Download
memory/2572-58-0x0000000001EF0000-0x0000000001F28000-memory.dmp

Filesize
224KB

Download
memory/2572-60-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download
memory/2572-61-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download
memory/2572-62-0x00000000005C0000-0x00000000005F4000-memory.dmp

Filesize
208KB

Download
memory/2572-63-0x0000000002180000-0x0000000002186000-memory.dmp

Filesize
24KB

Download
memory/2572-64-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download
memory/2572-65-0x0000000000400000-0x00000000004F7000-memory.dmp

Filesize
988KB

Download
memory/2572-66-0x00000000005F0000-0x00000000006F0000-memory.dmp

Filesize
1024KB

Download
memory/2572-67-0x0000000073E40000-0x000000007452E000-memory.dmp

Filesize
6.9MB

Download
memory/2572-68-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download
memory/2572-69-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download
memory/2572-70-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download
memory/2572-71-0x00000000025A0000-0x00000000025E0000-memory.dmp

Filesize
256KB

Download

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads