redline | 5695a75d96e56497ab5f7175d5c1da59a4565df668cb89db774eefbb5bfb6cf5

Resubmissions

05-09-2023 01:34

max time kernel
122s
max time network
131s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24-05-2024 01:20

Target

e4d72d8ddc51c3881aac8e689eeb381b4c97a87cf7dc973c97e5fe35feaa80a8.exe
Size

375KB
MD5

0094d5ff373cec9019212a835c894851
SHA1

1b1cf094623b3d3ab7fe023f31efe2effed19012
SHA256

e4d72d8ddc51c3881aac8e689eeb381b4c97a87cf7dc973c97e5fe35feaa80a8
SHA512

5c6fee60774b1fe4e9f5a63483219e2717a301a31ffb8eba4e5277d4770ea69a93f4f5b398fc7b0249bd9cb5cb4a13147b731222a075cd2fcec7da10e48e9275
SSDEEP

6144:CON3t/C8E6+4xuQvxbAg/1XPxlw/08TgX4flL+84X9wBG8PAbLBFiYV:Cwd6hSBF/1/Lw/HTtNi84X9amPBFi

Score

10^/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 2 IoCs

resource	yara_rule
behavioral17/memory/2944-4-0x0000000005840000-0x00000000058A6000-memory.dmp	family_redline
behavioral17/memory/2944-6-0x00000000058A0000-0x0000000005902000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\e4d72d8ddc51c3881aac8e689eeb381b4c97a87cf7dc973c97e5fe35feaa80a8.exe
"C:\Users\Admin\AppData\Local\Temp\e4d72d8ddc51c3881aac8e689eeb381b4c97a87cf7dc973c97e5fe35feaa80a8.exe"
1⤵
PID:2944

memory/2944-1-0x0000000000250000-0x0000000000350000-memory.dmp

Filesize
1024KB

Download
memory/2944-3-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/2944-2-0x00000000013D0000-0x0000000001420000-memory.dmp

Filesize
320KB

Download
memory/2944-5-0x0000000000400000-0x00000000013C3000-memory.dmp

Filesize
15.8MB

Download
memory/2944-4-0x0000000005840000-0x00000000058A6000-memory.dmp

Filesize
408KB

Download
memory/2944-6-0x00000000058A0000-0x0000000005902000-memory.dmp

Filesize
392KB

Download
memory/2944-7-0x0000000000400000-0x00000000013C3000-memory.dmp

Filesize
15.8MB

Download
memory/2944-8-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download