Overview

overview

10

Static

static

3

19408d20ed...1b.exe

windows7-x64

3

19408d20ed...1b.exe

windows10-2004-x64

10

209f361ec5...19.exe

windows7-x64

3

209f361ec5...19.exe

windows10-2004-x64

10

2260e01650...fc.exe

windows10-2004-x64

10

24b96bca46...df.exe

windows10-2004-x64

10

2a4e0bfefe...ad.exe

windows10-2004-x64

10

30b28fbbc6...6a.exe

windows10-2004-x64

10

45405e3261...66.exe

windows10-2004-x64

10

55ab9707d2...50.exe

windows10-2004-x64

10

6568836094...3d.exe

windows10-2004-x64

10

72a27ce3ad...a5.exe

windows10-2004-x64

10

9be0387d86...b9.exe

windows10-2004-x64

10

9d44150fdc...7d.exe

windows10-2004-x64

6

b2402bf5ca...fa.exe

windows10-2004-x64

10

c6bd926d58...44.exe

windows10-2004-x64

10

cd321830f5...bc.exe

windows10-2004-x64

10

cfcca94dd6...6e.exe

windows10-2004-x64

10

dfa156ac28...ff.exe

windows10-2004-x64

10

f1ae7fab47...cc.exe

windows10-2004-x64

10

f25337a343...56.exe

windows10-2004-x64

10

f5d16598bf...16.exe

windows7-x64

10

f5d16598bf...16.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    140s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-05-2024 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5d16598bff76b7aeece243b4478a48e666bbf1a2adb20f2684cefe2f7d06616.exe

  • Size

    490KB

  • MD5

    a9b440ad0e7d76d9fa2ec485fa53eeba

  • SHA1

    179dcad63a03197776e3b9ee4354dbfa413f7528

  • SHA256

    f5d16598bff76b7aeece243b4478a48e666bbf1a2adb20f2684cefe2f7d06616

  • SHA512

    bbdbfdf856719da627de9c70324edfeec3e2d91d32550c12fd2923302456da68768618f45788bc68e71d48de3f30e731181b9a69139624a70bf936a8a7de3a15

  • SSDEEP

    12288:quFz06FWD5fReUOLoFCaK40dC3l8qjNG8AR:qr+WVJeVLeK4PljJA

Score
10/10
redlineinfostealer

Malware Config

Extracted

Family

redline

C2

91.103.252.48:33597

Attributes
  • auth_value

    562d3280c1a052ff370bad4ad69185f7

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5d16598bff76b7aeece243b4478a48e666bbf1a2adb20f2684cefe2f7d06616.exe
    "C:\Users\Admin\AppData\Local\Temp\f5d16598bff76b7aeece243b4478a48e666bbf1a2adb20f2684cefe2f7d06616.exe"
    1⤵
      PID:2468

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2468-0-0x0000000000401000-0x0000000000404000-memory.dmp

      Filesize

      12KB

      Download

    • memory/2468-2-0x0000000002080000-0x000000000210C000-memory.dmp

      Filesize

      560KB

      Download

    • memory/2468-7-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/2468-8-0x0000000002080000-0x000000000210C000-memory.dmp

      Filesize

      560KB

      Download

    • memory/2468-9-0x00000000023F0000-0x00000000023F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2468-10-0x0000000002410000-0x0000000002416000-memory.dmp

      Filesize

      24KB

      Download

    • memory/2468-11-0x0000000004B50000-0x0000000005168000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/2468-12-0x00000000051F0000-0x00000000052FA000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/2468-13-0x0000000005320000-0x0000000005332000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2468-14-0x0000000005340000-0x000000000537C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/2468-15-0x00000000053B0000-0x00000000053FC000-memory.dmp

      Filesize

      304KB

      Download