redline | 7d93b222fbb6e0567954c3fa0555d648c9b6870dc4253fec1daf531a18057317 | Triage

Submit
Reports

Overview

overview

Static

static

0x00060000...11.exe

windows7-x64

0x00060000...11.exe

windows10-2004-x64

Analysis

max time kernel
139s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
17/08/2023, 12:52

Sharing

Copy URL Twitter E-mail

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x0006000000016cf0-111.exe

Resource

win7-20230712-en

redline maga infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x0006000000016cf0-111.exe

Resource

win10v2004-20230703-en

redline maga infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0x0006000000016cf0-111.exe
Size

174KB
MD5

12cf3b8122534e2eed7acd2bae744ad5
SHA1

e3f955107f0ced2aeb5f610e16656a161a4ea27f
SHA256

7d93b222fbb6e0567954c3fa0555d648c9b6870dc4253fec1daf531a18057317
SHA512

4e18ed5a333c186b3da81b3987ea1e756dfd26b76a0f2024f718e9dc045297387347285e9ce8867d59eab62a89864cc794dc1a50e2bd849b4f395d40f044ade4
SSDEEP

3072:2N4iIwQkI086khQO4QGaBGUE0OlO6BAYHJ88e8h+:S47kI086khCUE0KAYHK

Score

10^/10

redline maga infostealer

Malware Config

Extracted

Family

redline

Botnet

maga

C2

77.91.124.54:19071

Attributes

auth_value
9dd7a0be219be9b6228dc9b4e112b812

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\0x0006000000016cf0-111.exe
"C:\Users\Admin\AppData\Local\Temp\0x0006000000016cf0-111.exe"
1⤵
PID:2152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2152-133-0x0000000074DB0000-0x0000000075560000-memory.dmp

Filesize
7.7MB

Download
memory/2152-134-0x0000000000950000-0x0000000000980000-memory.dmp

Filesize
192KB

Download
memory/2152-135-0x000000000ADF0000-0x000000000B408000-memory.dmp

Filesize
6.1MB

Download
memory/2152-136-0x000000000A8E0000-0x000000000A9EA000-memory.dmp

Filesize
1.0MB

Download
memory/2152-137-0x0000000005340000-0x0000000005350000-memory.dmp

Filesize
64KB

Download
memory/2152-138-0x000000000A7F0000-0x000000000A802000-memory.dmp

Filesize
72KB

Download
memory/2152-139-0x000000000A850000-0x000000000A88C000-memory.dmp

Filesize
240KB

Download
memory/2152-140-0x0000000074DB0000-0x0000000075560000-memory.dmp

Filesize
7.7MB

Download
memory/2152-141-0x0000000005340000-0x0000000005350000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy