redline | 22b8bf3184007ff96e992a4b2aa7892b2463c49c9ebea52a21e8a3b774f9014a

Analysis

max time kernel
136s
max time network
150s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
12/10/2023, 07:11

Target

0x000600000002324d-354.exe
Size

231KB
MD5

d0165cebe4443ac7f5d2b8c85f89f3bd
SHA1

5caa5137538f3363cf02188bf59066ca351f5f1b
SHA256

22b8bf3184007ff96e992a4b2aa7892b2463c49c9ebea52a21e8a3b774f9014a
SHA512

75cbae061efb3a1acbbdf6f5becd9e96e57dd06fec84e22cde1bb735569160935f388899c4f7d0ef39e7cacacb5606f1e691b470823fc24dd5836fc0db0e4343
SSDEEP

3072:sgspAnCNgcepupXKLh8DjV7OGt/qasDrTv+mIqd44oKG6g:jOACNgceQpXKLKdr/ODrTmmpd44oK

Score

10^/10

Family

redline

Botnet

gigant

77.91.124.55:19071

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 1 IoCs

resource	yara_rule
behavioral1/memory/2104-0-0x0000000000E40000-0x0000000000E7E000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\0x000600000002324d-354.exe
"C:\Users\Admin\AppData\Local\Temp\0x000600000002324d-354.exe"
1⤵
PID:2104

memory/2104-0-0x0000000000E40000-0x0000000000E7E000-memory.dmp

Filesize
248KB

Download
memory/2104-1-0x0000000073EE0000-0x00000000745CE000-memory.dmp

Filesize
6.9MB

Download
memory/2104-2-0x0000000007030000-0x0000000007070000-memory.dmp

Filesize
256KB

Download
memory/2104-3-0x0000000073EE0000-0x00000000745CE000-memory.dmp

Filesize
6.9MB

Download
memory/2104-4-0x0000000007030000-0x0000000007070000-memory.dmp

Filesize
256KB

Download