redline | 337332f76d79d927685ed502511bcd0a8fd6a31a89caba2a772216b6dc886b3b

Analysis

max time kernel
151s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
15/08/2023, 14:46

Target

Новая папка (16)/2.exe
Size

341KB
MD5

380059aa0629cf577691c77d9bb2b641
SHA1

7fa57c2c3742906dce3c51cf6d2fde8ae96866b6
SHA256

2d7c4c256baee481a7b7454b70854adaf7d57dba374de6cfb82ba21e961e7054
SHA512

2b125c2eae36534f80db085f092ede490ab9e0b9448446f3c9da6040aa7ea297db82208b69a4c23033625eab0d59cdad9460e7919e1026203764db61696f30cc
SSDEEP

6144:sgkfqpvErytsYaQOGHYRdQ6R9ebvoaXyxRkCN1aUTi:+qVaYTLcebvoaXyxRkx

Score

10^/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 1 IoCs

resource	yara_rule
behavioral6/memory/3880-134-0x00000000002C0000-0x000000000031A000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\Новая папка (16)\2.exe
"C:\Users\Admin\AppData\Local\Temp\Новая папка (16)\2.exe"
1⤵
PID:3880

memory/3880-133-0x0000000074890000-0x0000000075040000-memory.dmp

Filesize
7.7MB

Download
memory/3880-134-0x00000000002C0000-0x000000000031A000-memory.dmp

Filesize
360KB

Download
memory/3880-135-0x00000000077D0000-0x0000000007D74000-memory.dmp

Filesize
5.6MB

Download
memory/3880-136-0x0000000007220000-0x00000000072B2000-memory.dmp

Filesize
584KB

Download
memory/3880-137-0x0000000004E80000-0x0000000004E90000-memory.dmp

Filesize
64KB

Download
memory/3880-138-0x0000000004E60000-0x0000000004E6A000-memory.dmp

Filesize
40KB

Download
memory/3880-139-0x00000000083A0000-0x00000000089B8000-memory.dmp

Filesize
6.1MB

Download
memory/3880-140-0x0000000007460000-0x0000000007472000-memory.dmp

Filesize
72KB

Download
memory/3880-141-0x0000000007590000-0x000000000769A000-memory.dmp

Filesize
1.0MB

Download
memory/3880-142-0x00000000074C0000-0x00000000074FC000-memory.dmp

Filesize
240KB

Download
memory/3880-143-0x0000000074890000-0x0000000075040000-memory.dmp

Filesize
7.7MB

Download
memory/3880-144-0x0000000004E80000-0x0000000004E90000-memory.dmp

Filesize
64KB

Download