redline | a5a26a5fc65bc0c806d1880e7da25a4fdae84cd00a0e11516cfc7822063c38ba | Triage

Submit
Reports

Overview

overview

Static

static

0x00090000...17.exe

windows7-x64

0x00090000...17.exe

windows10-2004-x64

Analysis

max time kernel
143s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
23/07/2023, 05:40

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x0009000000016071-117.exe

Resource

win7-20230712-en

redline grom infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x0009000000016071-117.exe

Resource

win10v2004-20230703-en

redline grom infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0x0009000000016071-117.exe
Size

173KB
MD5

56e029b3eaec6be97c98c58db4d597db
SHA1

83a3a1d626e985aab30d317caf2529113d39d6be
SHA256

a5a26a5fc65bc0c806d1880e7da25a4fdae84cd00a0e11516cfc7822063c38ba
SHA512

23e2b6145a4afee2c3621822bd2fbf65ea39680eefd5802db07d562da93d24fd2a70f99d2046690c399c544dae656a895ad9fe9e1b2b988ce45c52f88bbb2c72
SSDEEP

3072:Wl9OplNDfkf9j0avxN0oRHJY8wWY8e8h7:a9OPNATkYY8wWY

Score

10^/10

redline grom infostealer

Malware Config

Extracted

Family

redline

Botnet

grom

C2

77.91.68.68:19071

Attributes

auth_value
9ec3129bff410b89097d656d7abc33dc

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\0x0009000000016071-117.exe
"C:\Users\Admin\AppData\Local\Temp\0x0009000000016071-117.exe"
1⤵
PID:3604

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3604-133-0x0000000000E70000-0x0000000000EA0000-memory.dmp

Filesize
192KB

Download
memory/3604-134-0x0000000074C10000-0x00000000753C0000-memory.dmp

Filesize
7.7MB

Download
memory/3604-135-0x0000000005F60000-0x0000000006578000-memory.dmp

Filesize
6.1MB

Download
memory/3604-136-0x0000000005A50000-0x0000000005B5A000-memory.dmp

Filesize
1.0MB

Download
memory/3604-138-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/3604-137-0x00000000058E0000-0x00000000058F2000-memory.dmp

Filesize
72KB

Download
memory/3604-139-0x0000000005980000-0x00000000059BC000-memory.dmp

Filesize
240KB

Download
memory/3604-140-0x0000000074C10000-0x00000000753C0000-memory.dmp

Filesize
7.7MB

Download
memory/3604-141-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy