Overview

overview

10

Static

static

10

0x00070000...02.exe

windows7-x64

10

0x00070000...02.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    142s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-08-2023 02:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0x0007000000015e7c-102.exe

  • Size

    174KB

  • MD5

    f4efcc727f7fcaea15a29b399889387b

  • SHA1

    8d55e438c6b649ce9f816d9de19b298b1baa38fa

  • SHA256

    9650bbba48baf4708786c268f27955e069f83a0ce581401bdd6e81534e613b62

  • SHA512

    b890898973413bace8095b98bc358f9b3a1759d8386d71341d6e7f3b9725d513b2fe789c116ba1d37d3aef69e04bea8b3654520bdf5f182840e84b14d0eccca3

  • SSDEEP

    3072:9SZeJjHB9I0U6o4uOpN2AKU0BIE00KmH5kGvJk8e8hU:9SZe79I0U6o4D0IE0I5kGvi

Score
10/10
redlinemickyinfostealer

Malware Config

Extracted

Family

redline

Botnet

micky

C2

77.91.124.172:19071

Attributes
  • auth_value

    748f3c67c004f4a994500f05127b4428

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\0x0007000000015e7c-102.exe
    "C:\Users\Admin\AppData\Local\Temp\0x0007000000015e7c-102.exe"
    1⤵
      PID:3372

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3372-134-0x0000000075300000-0x0000000075AB0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/3372-133-0x0000000000C40000-0x0000000000C70000-memory.dmp

      Filesize

      192KB

      Download

    • memory/3372-135-0x0000000005C90000-0x00000000062A8000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/3372-136-0x0000000005780000-0x000000000588A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/3372-137-0x00000000056C0000-0x00000000056D2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3372-138-0x0000000005660000-0x0000000005670000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3372-139-0x0000000005720000-0x000000000575C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/3372-140-0x0000000075300000-0x0000000075AB0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/3372-141-0x0000000005660000-0x0000000005670000-memory.dmp

      Filesize

      64KB

      Download