Overview

overview

10

Static

static

10

Новая...6).zip

windows10-1703-x64

1

Новая...6).zip

windows10-2004-x64

1

Новая.../1.exe

windows10-1703-x64

10

Новая.../1.exe

windows10-2004-x64

10

Новая.../2.exe

windows10-1703-x64

10

Новая.../2.exe

windows10-2004-x64

10

Новая.../3.exe

windows10-1703-x64

10

Новая.../3.exe

windows10-2004-x64

10

Новая.../4.exe

windows10-1703-x64

10

Новая.../4.exe

windows10-2004-x64

10

Новая.../5.exe

windows10-1703-x64

10

Новая.../5.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    22s
  • max time network
    28s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/08/2023, 14:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Новая папка (16)/5.exe

  • Size

    341KB

  • MD5

    380059aa0629cf577691c77d9bb2b641

  • SHA1

    7fa57c2c3742906dce3c51cf6d2fde8ae96866b6

  • SHA256

    2d7c4c256baee481a7b7454b70854adaf7d57dba374de6cfb82ba21e961e7054

  • SHA512

    2b125c2eae36534f80db085f092ede490ab9e0b9448446f3c9da6040aa7ea297db82208b69a4c23033625eab0d59cdad9460e7919e1026203764db61696f30cc

  • SSDEEP

    6144:sgkfqpvErytsYaQOGHYRdQ6R9ebvoaXyxRkCN1aUTi:+qVaYTLcebvoaXyxRkx

Score
10/10
redlineinfostealer

Malware Config

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Новая папка (16)\5.exe
    "C:\Users\Admin\AppData\Local\Temp\Новая папка (16)\5.exe"
    1⤵
      PID:1364

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1364-133-0x0000000074650000-0x0000000074E00000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/1364-134-0x0000000000B30000-0x0000000000B8A000-memory.dmp

      Filesize

      360KB

      Download

    • memory/1364-135-0x0000000007FB0000-0x0000000008554000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/1364-136-0x0000000007AA0000-0x0000000007B32000-memory.dmp

      Filesize

      584KB

      Download

    • memory/1364-137-0x0000000007BF0000-0x0000000007C00000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1364-138-0x0000000007A60000-0x0000000007A6A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1364-139-0x0000000008B80000-0x0000000009198000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/1364-140-0x0000000007BC0000-0x0000000007BD2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1364-141-0x0000000007E00000-0x0000000007F0A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/1364-142-0x0000000007D30000-0x0000000007D6C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/1364-143-0x0000000074650000-0x0000000074E00000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/1364-144-0x0000000007BF0000-0x0000000007C00000-memory.dmp

      Filesize

      64KB

      Download