redline | d6c3c73bab780c6f91cf34ea6fd895826e11128da0a1f4eb6a5a4e734f3cbd9c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

0x00060000...69.exe

windows7-x64

0x00060000...69.exe

windows10-2004-x64

Analysis

max time kernel
143s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
05/08/2023, 04:43

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x000600000001afd2-169.exe

Resource

win7-20230712-en

redline maxik infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x000600000001afd2-169.exe

Resource

win10v2004-20230703-en

redline maxik infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0x000600000001afd2-169.exe
Size

173KB
MD5

32b8281eb4b402ab5e164d932f8c8a2c
SHA1

417aae61797a4f73d3513823d1c94aca7eb4f69c
SHA256

d6c3c73bab780c6f91cf34ea6fd895826e11128da0a1f4eb6a5a4e734f3cbd9c
SHA512

5ec4b41353d9991229b825e664aac21764063b1139172a1eb6d5efa1ba304494b9a0b61646f5a3bc87b2263036f57a240af8c6c3d4959c92315814565d41e3ec
SSDEEP

3072:b5fB8CH2R16klxNtmud8q6msW+/8e8hrXO:bF5kbjV6msW+/

Score

10^/10

redline maxik infostealer

Malware Config

Extracted

Family

redline

Botnet

maxik

C2

77.91.124.156:19071

Attributes

auth_value
a7714e1bc167c67e3fc8f9e368352269

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\0x000600000001afd2-169.exe
"C:\Users\Admin\AppData\Local\Temp\0x000600000001afd2-169.exe"
1⤵
PID:3664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3664-133-0x0000000075050000-0x0000000075800000-memory.dmp

Filesize
7.7MB

Download
memory/3664-134-0x0000000000E80000-0x0000000000EB0000-memory.dmp

Filesize
192KB

Download
memory/3664-135-0x000000000B350000-0x000000000B968000-memory.dmp

Filesize
6.1MB

Download
memory/3664-136-0x000000000AE40000-0x000000000AF4A000-memory.dmp

Filesize
1.0MB

Download
memory/3664-137-0x00000000033F0000-0x0000000003400000-memory.dmp

Filesize
64KB

Download
memory/3664-138-0x000000000AD30000-0x000000000AD42000-memory.dmp

Filesize
72KB

Download
memory/3664-139-0x000000000AD90000-0x000000000ADCC000-memory.dmp

Filesize
240KB

Download
memory/3664-140-0x0000000075050000-0x0000000075800000-memory.dmp

Filesize
7.7MB

Download
memory/3664-141-0x00000000033F0000-0x0000000003400000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy