Overview

overview

10

Static

static

10

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    289s
  • max time network
    307s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    24/07/2023, 00:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    n6260212.exe

  • Size

    174KB

  • MD5

    305abdd54486dccad33cad0ae2e14404

  • SHA1

    463f326d2d4cc8543ffb3fa63e4bdfe6ce594528

  • SHA256

    b406047ddbe132612c52739e0008545dd9bbbee4f5ad4f4ef7d93d1ae48ed375

  • SHA512

    943fbbc8089e82f52514dc7dc2c02d63ae3f4b867015b21722deafece74df473727f9dd4856d11765e6da94d0d7d889c1d4f672de898f492f54109898078e49b

  • SSDEEP

    1536:KV2UC336sv0W7T6sa3rHKijuAvDH8VQkxN2ZYQX3buhmweS4rN30GkR/8e8hV:+2l1xPiS6UQkxNlCpwT4rN388e8hV

Score
10/10
redlinenewsinfostealer

Malware Config

Extracted

Family

redline

Botnet

news

C2

77.91.68.68:19071

Attributes
  • auth_value

    99ba2ffe8d72ebe9fdc7e758c94db148

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\n6260212.exe
    "C:\Users\Admin\AppData\Local\Temp\n6260212.exe"
    1⤵
      PID:3724

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3724-117-0x0000000000B90000-0x0000000000BC0000-memory.dmp

            Filesize

            192KB

            Download

          • memory/3724-118-0x00000000731D0000-0x00000000738BE000-memory.dmp

            Filesize

            6.9MB

            Download

          • memory/3724-119-0x0000000002EE0000-0x0000000002EE6000-memory.dmp

            Filesize

            24KB

            Download

          • memory/3724-120-0x000000000AED0000-0x000000000B4D6000-memory.dmp

            Filesize

            6.0MB

            Download

          • memory/3724-121-0x000000000A9D0000-0x000000000AADA000-memory.dmp

            Filesize

            1.0MB

            Download

          • memory/3724-122-0x0000000002F10000-0x0000000002F20000-memory.dmp

            Filesize

            64KB

            Download

          • memory/3724-123-0x000000000A8C0000-0x000000000A8D2000-memory.dmp

            Filesize

            72KB

            Download

          • memory/3724-124-0x000000000A920000-0x000000000A95E000-memory.dmp

            Filesize

            248KB

            Download

          • memory/3724-125-0x000000000A960000-0x000000000A9AB000-memory.dmp

            Filesize

            300KB

            Download

          • memory/3724-126-0x00000000731D0000-0x00000000738BE000-memory.dmp

            Filesize

            6.9MB

            Download

          • memory/3724-127-0x0000000002F10000-0x0000000002F20000-memory.dmp

            Filesize

            64KB

            Download