Analysis
-
max time kernel
290s -
max time network
306s -
platform
windows10-1703_x64 -
resource
win10-20230703-en -
resource tags
arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system -
submitted
21-08-2023 04:51
Behavioral task
behavioral1
Sample
i4010428.exe
Resource
win7-20230712-en
windows7-x64
1 signatures
300 seconds
Behavioral task
behavioral2
Sample
i4010428.exe
Resource
win10-20230703-en
windows10-1703-x64
1 signatures
300 seconds
General
-
Target
i4010428.exe
-
Size
174KB
-
MD5
33abc9f104e93cb1167ecaeb6aa5619a
-
SHA1
2b55dd7048e24eb85932988ac20e05bba02b3db1
-
SHA256
cd3d877fb255cf900906bb2a47fbeac5cf79d44cfe6bf3d479c81ac7e11711ae
-
SHA512
14fe6ffae1f0fd836f1343e61fa01331df6582195236df9b43398ef02404be1e84f645b448fe90c02ab3b08cf647982d7ab362d91d7d7859b0a82bd89e5955ed
-
SSDEEP
3072:jzyDoUefdkPI0iGEndlOzQnvqmqtlMyNhE04ys4x7sJo8e8hy:fHUjPI0iGEnd2msDNhE09x7su
Score
10/10
Malware Config
Extracted
Family
redline
Botnet
jonka
C2
77.91.124.73:19071
Attributes
-
auth_value
c95bc30cd252fa6dff2a19fd78bfab4e
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.