Analysis
- max time kernel: 133s
- max time network: 145s
- platform: windows7_x64
- resource: win7-20231025-en
- resource tags: arch:x64 arch:x86 image:win7-20231025-en locale:en-us os:windows7-x64 system
- submitted: 30-10-2023 19:42
Behavioral task: behavioral1
- Sample: 0x0006000000022e4d-39.exe
- Resource: win7-20231025-en (windows7-x64)
- 2 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 0x0006000000022e4d-39.exe
- Resource: win10v2004-20231023-en (windows10-2004-x64)
- 2 signatures
- 150 seconds
General
- Target: 0x0006000000022e4d-39.exe
- Size: 222KB
- MD5: 12d0affbdbcc1072c868aa55757d73b2
- SHA1: 6c7edddcb64d6fbf1f0f81a796694d1ae72ba861
- SHA256: d632089da86548266dc5de87faf6487d0ba2f048ff0d1b455a719040b165f195
- SHA512: 7db4c7b11f7d7bcccdc4823498beb22c4f19735563d6d846b6a94abf8f219506641ad271f6a2e66c3e80d8f2958075b72d8761600073f92af1572ce70b130dfd
- SSDEEP: 6144:EmSQQNgcPf2iHv0+9JR/xadbzBNFygk5:DHQNgcPf1JROBNFygk5
Score: 10/10
Malware Config
Extracted
- Family: redline
- Botnet: kinza
- C2: 77.91.124.86:19084
Signatures
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload (1 IoCs)
  resource: behavioral1/memory/1768-0-0x0000000001360000-0x000000000139E000-memory.dmp
  yara_rule: family_redline
Processes
Network
- No results found