Overview

overview

10

Static

static

10

0x00070000...81.exe

windows7-x64

10

0x00070000...81.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    143s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-08-2023 05:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0x000700000002328a-181.exe

  • Size

    173KB

  • MD5

    3a7dc07dcd5cd347bc42e4a89636587e

  • SHA1

    30cc0595f3e96b480d0d15963c808a9e296da079

  • SHA256

    0b5745f9e5ec7741cd5d20b6157edb31deb4ae6bdec751006156fc66ae3a7a9d

  • SHA512

    0c2fdcf3edc628b89807c057c557a13f553e43e04b6a97a270fd4d259703d66abb9ed6d71e7caf7397a0cf98789d02cb6bb5cccce2d51dbceca15331501f47b2

  • SSDEEP

    3072:eTS18qdsI0PBESjOvGew8Z88FQE02quBoeaTJ38e8hr:eTSfsI0PBESOZ88FQE0QoeaTR

Score
10/10
redlinedugininfostealer

Malware Config

Extracted

Family

redline

Botnet

dugin

C2

77.91.124.73:19071

Attributes
  • auth_value

    7c3e46e091100fd26a6076996d374c28

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\0x000700000002328a-181.exe
    "C:\Users\Admin\AppData\Local\Temp\0x000700000002328a-181.exe"
    1⤵
      PID:5100

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5100-133-0x0000000074670000-0x0000000074E20000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/5100-134-0x0000000000420000-0x0000000000450000-memory.dmp

      Filesize

      192KB

      Download

    • memory/5100-135-0x00000000053E0000-0x00000000059F8000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/5100-136-0x0000000004ED0000-0x0000000004FDA000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/5100-138-0x0000000004DB0000-0x0000000004DC0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5100-137-0x0000000004D50000-0x0000000004D62000-memory.dmp

      Filesize

      72KB

      Download

    • memory/5100-139-0x0000000004DC0000-0x0000000004DFC000-memory.dmp

      Filesize

      240KB

      Download

    • memory/5100-140-0x0000000074670000-0x0000000074E20000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/5100-141-0x0000000004DB0000-0x0000000004DC0000-memory.dmp

      Filesize

      64KB

      Download