Overview

overview

10

Static

static

10

0x00070000...01.exe

windows7-x64

10

0x00070000...01.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    134s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/08/2023, 10:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0x0007000000016266-101.exe

  • Size

    175KB

  • MD5

    c078cbf67d55cab8808668d02b9a1187

  • SHA1

    2aa3754a3b1696bac9979f14fe0ed968c0d1156b

  • SHA256

    e6c18c1dd0a42ec61ae2eaa80d03e4341ae6feabadb8dda2c51fcace8954836c

  • SHA512

    cf4c6bd242aeb92c081c05014ef4581a1ead4561bd28fa7000c37f69c3f2e287d456adcb46208826ddc42f212f192d0c56888fa741fbeb2a6f68b080e0571425

  • SSDEEP

    3072:9SZeJjHB9I0U6o4uOpN2AKU0BIE00KmH5kGvJk8e8hU:9SZe79I0U6o4D0IE0I5kGvi

Score
10/10
redlinemickyinfostealer

Malware Config

Extracted

Family

redline

Botnet

micky

C2

77.91.124.172:19071

Attributes
  • auth_value

    748f3c67c004f4a994500f05127b4428

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\0x0007000000016266-101.exe
    "C:\Users\Admin\AppData\Local\Temp\0x0007000000016266-101.exe"
    1⤵
      PID:1176

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1176-134-0x0000000074580000-0x0000000074D30000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/1176-133-0x0000000000DA0000-0x0000000000DD0000-memory.dmp

      Filesize

      192KB

      Download

    • memory/1176-135-0x0000000005D50000-0x0000000006368000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/1176-136-0x0000000005840000-0x000000000594A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/1176-138-0x0000000005620000-0x0000000005630000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1176-137-0x00000000055D0000-0x00000000055E2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1176-139-0x0000000005770000-0x00000000057AC000-memory.dmp

      Filesize

      240KB

      Download

    • memory/1176-140-0x0000000074580000-0x0000000074D30000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/1176-141-0x0000000005620000-0x0000000005630000-memory.dmp

      Filesize

      64KB

      Download