Overview

overview

10

Static

static

10

d6086904aa...c6.dll

windows7-x64

1

d6086904aa...c6.dll

windows10-2004-x64

1

e4d31acd4f...96.exe

windows7-x64

10

e4d31acd4f...96.exe

windows10-2004-x64

10

eb1a060a2f...2d.exe

windows7-x64

eb1a060a2f...2d.exe

windows10-2004-x64

10

f6147edac0...28.exe

windows7-x64

10

f6147edac0...28.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/10/2023, 02:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb1a060a2f31ff324b171aa329f0302493bf6d8a573c1142f03b7267fb2a362d.exe

  • Size

    392KB

  • MD5

    2634623076a7af62a8479a5cef34b6d0

  • SHA1

    7f4d567bfbc4c5b8f8f7ea5c614dd909b0ab6ac3

  • SHA256

    eb1a060a2f31ff324b171aa329f0302493bf6d8a573c1142f03b7267fb2a362d

  • SHA512

    96921b8cb6399b3a641be8ddcf19b22482a23f458c12bfe67dfce2f94a4f0d95f488a5a1d6ac07426ddc0696fe7345b989101d221afc2f62715a26b812190c5b

  • SSDEEP

    6144:7kFSoUQrQakAGfCz35Jw66RPalaYNx2aDPUJKpn7jmb5kNkzJ43r7PSAxxOJYJfv:7kFkQUD66RPQnx2aLUJyfmb5kSPZQ

Score
10/10
redlineinfostealer

Malware Config

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eb1a060a2f31ff324b171aa329f0302493bf6d8a573c1142f03b7267fb2a362d.exe
    "C:\Users\Admin\AppData\Local\Temp\eb1a060a2f31ff324b171aa329f0302493bf6d8a573c1142f03b7267fb2a362d.exe"
    1⤵
      PID:4440

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4440-1-0x0000000000400000-0x0000000000467000-memory.dmp

      Filesize

      412KB

      Download

    • memory/4440-0-0x00000000007F0000-0x000000000084A000-memory.dmp

      Filesize

      360KB

      Download

    • memory/4440-5-0x0000000075240000-0x00000000759F0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/4440-6-0x0000000007080000-0x0000000007624000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/4440-7-0x0000000007630000-0x00000000076C2000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4440-8-0x0000000007750000-0x0000000007760000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4440-9-0x0000000007720000-0x000000000772A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/4440-10-0x0000000007F70000-0x0000000008588000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/4440-11-0x00000000078E0000-0x00000000078F2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/4440-12-0x0000000007950000-0x0000000007A5A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/4440-13-0x0000000007900000-0x000000000793C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/4440-14-0x0000000007AA0000-0x0000000007AEC000-memory.dmp

      Filesize

      304KB

      Download

    • memory/4440-15-0x0000000000400000-0x0000000000467000-memory.dmp

      Filesize

      412KB

      Download

    • memory/4440-16-0x0000000075240000-0x00000000759F0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/4440-17-0x0000000007750000-0x0000000007760000-memory.dmp

      Filesize

      64KB

      Download