redline | 12a56ee8b2129cd46c19477fbf174928d0942faac0bff29ea66276669e4be05f

Analysis

max time kernel
141s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
13-03-2024 00:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

12a56ee8b2129cd46c19477fbf174928d0942faac0bff29ea66276669e4be05f.exe
Size

428KB
MD5

3f2c4cf32b7bd8b75c025c1cd7922b51
SHA1

a416de4c9ce7c9e8ac59c25536e671450cc8a3ae
SHA256

12a56ee8b2129cd46c19477fbf174928d0942faac0bff29ea66276669e4be05f
SHA512

855fe5b2eb84cfe17ad62def903047d4e180734b387c34903c9fc89f08a6f51231bb7c44a13e150383311c99afb891cec8e4ebbb18eb4278c4d73e232e9bfefe
SSDEEP

6144:cESOQQdkdDacTgZUtoXY1FyxO0A+ufexFzZdea5slmKqjWvGaqs7GvQbwp3E:cESO/dkhq6oOp+uWxFtAlrqGGX9p3E

Score

10^/10

redline infostealer

Malware Config

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 2 IoCs

resource	yara_rule
behavioral2/memory/3940-4-0x0000000004C50000-0x0000000004CA4000-memory.dmp	family_redline
behavioral2/memory/3940-9-0x00000000052D0000-0x0000000005322000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\12a56ee8b2129cd46c19477fbf174928d0942faac0bff29ea66276669e4be05f.exe
"C:\Users\Admin\AppData\Local\Temp\12a56ee8b2129cd46c19477fbf174928d0942faac0bff29ea66276669e4be05f.exe"
1⤵
PID:3940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3940-1-0x0000000000590000-0x0000000000690000-memory.dmp

Filesize
1024KB

Download
memory/3940-2-0x00000000020D0000-0x000000000213C000-memory.dmp

Filesize
432KB

Download
memory/3940-3-0x0000000000400000-0x00000000004B5000-memory.dmp

Filesize
724KB

Download
memory/3940-4-0x0000000004C50000-0x0000000004CA4000-memory.dmp

Filesize
336KB

Download
memory/3940-5-0x00000000747F0000-0x0000000074FA0000-memory.dmp

Filesize
7.7MB

Download
memory/3940-6-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/3940-7-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/3940-9-0x00000000052D0000-0x0000000005322000-memory.dmp

Filesize
328KB

Download
memory/3940-8-0x0000000004CE0000-0x0000000005284000-memory.dmp

Filesize
5.6MB

Download
memory/3940-10-0x0000000005320000-0x0000000005938000-memory.dmp

Filesize
6.1MB

Download
memory/3940-11-0x00000000059D0000-0x0000000005ADA000-memory.dmp

Filesize
1.0MB

Download
memory/3940-12-0x0000000005B00000-0x0000000005B12000-memory.dmp

Filesize
72KB

Download
memory/3940-13-0x0000000005B60000-0x0000000005B9C000-memory.dmp

Filesize
240KB

Download
memory/3940-14-0x0000000005BA0000-0x0000000005BEC000-memory.dmp

Filesize
304KB

Download
memory/3940-15-0x0000000000400000-0x00000000004B5000-memory.dmp

Filesize
724KB

Download
memory/3940-16-0x0000000000590000-0x0000000000690000-memory.dmp

Filesize
1024KB

Download
memory/3940-17-0x00000000020D0000-0x000000000213C000-memory.dmp

Filesize
432KB

Download
memory/3940-18-0x00000000747F0000-0x0000000074FA0000-memory.dmp

Filesize
7.7MB

Download
memory/3940-20-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/3940-21-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download
memory/3940-22-0x0000000004CD0000-0x0000000004CE0000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads