Analysis
- max time kernel: 133s
- max time network: 148s
- platform: windows7_x64
- resource: win7-20230831-en
- resource tags: arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
- submitted: 06-09-2023 19:22
Behavioral task: behavioral1
- Sample: t2978361_JC.exe
- Resource: win7-20230831-en (windows7-x64)
- Signatures: 1
- Runtime: 150 seconds
Behavioral task: behavioral2
- Sample: t2978361_JC.exe
- Resource: win10v2004-20230831-en (windows10-2004-x64)
- Signatures: 1
- Runtime: 150 seconds
General
- Target: t2978361_JC.exe
- Size: 175KB
- MD5: 7b7c5af0b8abd9d86992e0eb52fc0422
- SHA1: 366fd11059b4b56ccd40574690990005aeaec4fa
- SHA256: f79ae4bad0585178911ff9b281b1908a201d05f90ee3ed4771a1af33230d02c2
- SHA512: 843edca7bf1d313f734e5e29e22b5f24d3ea18d99c4758f8333e1ddbce280367f8159ff71573f2bc102566544f3315d4a61f94e728104e796074183ff0464b96
- SSDEEP: 3072:z+BDWfkwS/VcI0EMHiRONe9GT+qE0gRrOaQ9JY8e8h0:z0DWfCcI0EMHijqE0xaQ9e
- Score: 10/10
Malware Config
Extracted
- Family: redline
- Botnet: gena
- C2: 77.91.124.82:19071
Attributes
- auth_value: 93c20961cb6b06b2d5781c212db6201e
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Downloads
- memory/2688-0-0x0000000000040000-0x0000000000070000-memory.dmp (Filesize: 192KB)
- memory/2688-1-0x0000000074180000-0x000000007486E000-memory.dmp (Filesize: 6.9MB)
- memory/2688-2-0x0000000000330000-0x0000000000336000-memory.dmp (Filesize: 24KB)
- memory/2688-3-0x0000000001E70000-0x0000000001EB0000-memory.dmp (Filesize: 256KB)
- memory/2688-4-0x0000000074180000-0x000000007486E000-memory.dmp (Filesize: 6.9MB)
- memory/2688-5-0x0000000001E70000-0x0000000001EB0000-memory.dmp (Filesize: 256KB)