redline | d6c3c73bab780c6f91cf34ea6fd895826e11128da0a1f4eb6a5a4e734f3cbd9c | Triage

Analysis

max time kernel
133s
max time network
145s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
05/08/2023, 04:43

Sharing

Report Analysis Logs

General

Target

0x000600000001afd2-169.exe
Size

173KB
MD5

32b8281eb4b402ab5e164d932f8c8a2c
SHA1

417aae61797a4f73d3513823d1c94aca7eb4f69c
SHA256

d6c3c73bab780c6f91cf34ea6fd895826e11128da0a1f4eb6a5a4e734f3cbd9c
SHA512

5ec4b41353d9991229b825e664aac21764063b1139172a1eb6d5efa1ba304494b9a0b61646f5a3bc87b2263036f57a240af8c6c3d4959c92315814565d41e3ec
SSDEEP

3072:b5fB8CH2R16klxNtmud8q6msW+/8e8hrXO:bF5kbjV6msW+/

Score

10^/10

redline maxik infostealer

Malware Config

Extracted

Family

redline

Botnet

maxik

C2

77.91.124.156:19071

Attributes

auth_value
a7714e1bc167c67e3fc8f9e368352269

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

C:\Users\Admin\AppData\Local\Temp\0x000600000001afd2-169.exe
"C:\Users\Admin\AppData\Local\Temp\0x000600000001afd2-169.exe"
1⤵
PID:2180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2180-54-0x00000000008D0000-0x0000000000900000-memory.dmp

Filesize
192KB

Download
memory/2180-55-0x0000000074190000-0x000000007487E000-memory.dmp

Filesize
6.9MB

Download
memory/2180-56-0x00000000003A0000-0x00000000003A6000-memory.dmp

Filesize
24KB

Download
memory/2180-57-0x0000000004B20000-0x0000000004B60000-memory.dmp

Filesize
256KB

Download
memory/2180-58-0x0000000074190000-0x000000007487E000-memory.dmp

Filesize
6.9MB

Download
memory/2180-59-0x0000000004B20000-0x0000000004B60000-memory.dmp

Filesize
256KB

Download