redline | 2f9efd61df230626f0872f3fca3245b91237d24c4957ed345d7d017acde571c7

Analysis

max time kernel
133s
max time network
147s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
22/10/2023, 14:18

Target

0x0006000000015cef-63.exe
Size

222KB
MD5

34af13e0f719a352bff0a768972690d0
SHA1

2c2dabf3354946709e4d699c338ada95fb4b24bb
SHA256

2f9efd61df230626f0872f3fca3245b91237d24c4957ed345d7d017acde571c7
SHA512

765aead9fb578d5078a9636dd942c04d66211b7e2d37e5bd3aaa864e0bff0e967072eef5421734ac0be14d3733800301df8d3185a236a928c7c2879d9bc768a4
SSDEEP

3072:XjJsVUnYNgcDTrB2Sr1DDfNt/qOWGkHCfbLCdrUd2j:XjJsSYNgcDn4SZDzH/oGkHCDL2rUd

Score

10^/10

Family

redline

Botnet

kinder

109.107.182.133:19084

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 1 IoCs

resource	yara_rule
behavioral1/memory/2828-0-0x0000000001300000-0x000000000133E000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\0x0006000000015cef-63.exe
"C:\Users\Admin\AppData\Local\Temp\0x0006000000015cef-63.exe"
1⤵
PID:2828

memory/2828-0-0x0000000001300000-0x000000000133E000-memory.dmp

Filesize
248KB

Download
memory/2828-1-0x00000000740E0000-0x00000000747CE000-memory.dmp

Filesize
6.9MB

Download
memory/2828-2-0x0000000007290000-0x00000000072D0000-memory.dmp

Filesize
256KB

Download
memory/2828-3-0x00000000740E0000-0x00000000747CE000-memory.dmp

Filesize
6.9MB

Download
memory/2828-4-0x0000000007290000-0x00000000072D0000-memory.dmp

Filesize
256KB

Download