redline | 94cfc085e15346fc062698dc00b235147b892255b1f710828483f662c0a4a24e | Triage

Submit
Reports

Overview

overview

Static

static

0x00060000...31.exe

windows7-x64

0x00060000...31.exe

windows10-2004-x64

Analysis

max time kernel
154s
max time network
176s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2023, 04:09

Sharing

Copy URL Twitter E-mail

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x000600000001afad-31.exe

Resource

win7-20230831-en

redline moner infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x000600000001afad-31.exe

Resource

win10v2004-20230915-en

redline moner infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0x000600000001afad-31.exe
Size

174KB
MD5

5771a0a054256f4c76de806006c1afab
SHA1

8a5eae8e30e591d2d4f006f8f43952d3ac56f4e4
SHA256

94cfc085e15346fc062698dc00b235147b892255b1f710828483f662c0a4a24e
SHA512

22f904e87855629878fe4445a4ff738b92e36dc20f024a12e0115d70b7717d69d132f7d909e240d62cfc2991f39496d9f245ffc13bb4dc781d85da3bbea9e2b1
SSDEEP

3072:u89FRa7xI0k3jpQOP6DHpcyME0Qep5LcoJk8e8hh:u8dKxI0k3jp2cyME0dLcoy

Score

10^/10

redline moner infostealer

Malware Config

Extracted

Family

redline

Botnet

moner

C2

77.91.124.82:19071

Attributes

auth_value
a94cd9e01643e1945b296c28a2f28707

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\0x000600000001afad-31.exe
"C:\Users\Admin\AppData\Local\Temp\0x000600000001afad-31.exe"
1⤵
PID:1120

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1120-1-0x0000000074990000-0x0000000075140000-memory.dmp

Filesize
7.7MB

Download
memory/1120-0-0x0000000000C10000-0x0000000000C40000-memory.dmp

Filesize
192KB

Download
memory/1120-2-0x0000000005520000-0x0000000005526000-memory.dmp

Filesize
24KB

Download
memory/1120-3-0x0000000005D10000-0x0000000006328000-memory.dmp

Filesize
6.1MB

Download
memory/1120-4-0x0000000005800000-0x000000000590A000-memory.dmp

Filesize
1.0MB

Download
memory/1120-6-0x0000000005580000-0x0000000005592000-memory.dmp

Filesize
72KB

Download
memory/1120-5-0x00000000055E0000-0x00000000055F0000-memory.dmp

Filesize
64KB

Download
memory/1120-7-0x00000000056F0000-0x000000000572C000-memory.dmp

Filesize
240KB

Download
memory/1120-8-0x0000000005730000-0x000000000577C000-memory.dmp

Filesize
304KB

Download
memory/1120-9-0x0000000074990000-0x0000000075140000-memory.dmp

Filesize
7.7MB

Download
memory/1120-10-0x00000000055E0000-0x00000000055F0000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy