Overview

overview

10

Static

static

10

0x00060000...54.exe

windows7-x64

10

0x00060000...54.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2023 07:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0x000600000002324d-354.exe

  • Size

    231KB

  • MD5

    d0165cebe4443ac7f5d2b8c85f89f3bd

  • SHA1

    5caa5137538f3363cf02188bf59066ca351f5f1b

  • SHA256

    22b8bf3184007ff96e992a4b2aa7892b2463c49c9ebea52a21e8a3b774f9014a

  • SHA512

    75cbae061efb3a1acbbdf6f5becd9e96e57dd06fec84e22cde1bb735569160935f388899c4f7d0ef39e7cacacb5606f1e691b470823fc24dd5836fc0db0e4343

  • SSDEEP

    3072:sgspAnCNgcepupXKLh8DjV7OGt/qasDrTv+mIqd44oKG6g:jOACNgceQpXKLKdr/ODrTmmpd44oK

Score
10/10
redlinegigantinfostealer

Malware Config

Extracted

Family

redline

Botnet

gigant

C2

77.91.124.55:19071

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0x000600000002324d-354.exe
    "C:\Users\Admin\AppData\Local\Temp\0x000600000002324d-354.exe"
    1⤵
      PID:2164

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2164-1-0x00000000747C0000-0x0000000074F70000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/2164-0-0x00000000003E0000-0x000000000041E000-memory.dmp

      Filesize

      248KB

      Download

    • memory/2164-2-0x00000000077A0000-0x0000000007D44000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/2164-3-0x0000000007290000-0x0000000007322000-memory.dmp

      Filesize

      584KB

      Download

    • memory/2164-4-0x0000000007480000-0x0000000007490000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2164-5-0x0000000007450000-0x000000000745A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2164-6-0x0000000008370000-0x0000000008988000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/2164-7-0x0000000007600000-0x000000000770A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/2164-8-0x0000000007530000-0x0000000007542000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2164-9-0x0000000007590000-0x00000000075CC000-memory.dmp

      Filesize

      240KB

      Download

    • memory/2164-10-0x0000000007710000-0x000000000775C000-memory.dmp

      Filesize

      304KB

      Download

    • memory/2164-11-0x00000000747C0000-0x0000000074F70000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/2164-12-0x0000000007480000-0x0000000007490000-memory.dmp

      Filesize

      64KB

      Download