redline | c61e7f08640e7270f85e6f526f6f4d9ed9218df37c250d9fd59006ac3a895429

Analysis

max time kernel
143s
max time network
149s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
11-10-2023 03:01

Target

0x000600000002316c-161.exe
Size

168KB
MD5

08ff3d597c112cef0dacdf77e020d580
SHA1

693de4609e08f7626d05c78b848abefa2e83a0df
SHA256

c61e7f08640e7270f85e6f526f6f4d9ed9218df37c250d9fd59006ac3a895429
SHA512

418c4042d92057fbe2e2fb488632d59f64b4d6f3b50f5be89c35d713f9a4d6712094ef944404752df685cd177fe78376c12e8bd0cb00ac4b47d10c77a0cf4415
SSDEEP

1536:Gi3n6ICpqtqhVZCGWK5JPzz8WJ8surO5gbBvdATGqVIBWbug8DLTGqU584wYkk8X:Gikw038WSHI6BFRqVIgE3jU5h8e8hR

Score

10^/10

Family

redline

Botnet

dusa

83.97.73.127:19045

Attributes

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

C:\Users\Admin\AppData\Local\Temp\0x000600000002316c-161.exe
"C:\Users\Admin\AppData\Local\Temp\0x000600000002316c-161.exe"
1⤵
PID:1736

memory/1736-0-0x0000000074760000-0x0000000074E4E000-memory.dmp

Filesize
6.9MB

Download
memory/1736-1-0x0000000000CB0000-0x0000000000CDE000-memory.dmp

Filesize
184KB

Download
memory/1736-2-0x0000000000410000-0x0000000000416000-memory.dmp

Filesize
24KB

Download
memory/1736-3-0x0000000004B40000-0x0000000004B80000-memory.dmp

Filesize
256KB

Download
memory/1736-4-0x0000000074760000-0x0000000074E4E000-memory.dmp

Filesize
6.9MB

Download