Overview

overview

10

Static

static

3

00081e34e8...ea.exe

windows10-2004-x64

10

03c5b52913...29.exe

windows10-2004-x64

10

119de5a5cb...31.exe

windows10-2004-x64

10

1d1b24f346...2d.exe

windows10-2004-x64

10

3a50f05cf8...e5.exe

windows10-2004-x64

10

47e26a3424...26.exe

windows10-2004-x64

10

5cb2e3146e...38.exe

windows10-2004-x64

7

5f31ea5f4e...b6.exe

windows10-2004-x64

10

691f866dcf...9a.exe

windows10-2004-x64

10

69d4397e3b...21.exe

windows10-2004-x64

10

793977371c...71.exe

windows10-2004-x64

10

823d46bb20...3e.exe

windows10-2004-x64

10

89cc8588fd...62.exe

windows10-2004-x64

10

98c86667f1...3f.exe

windows10-2004-x64

10

9f2ebdaf30...d3.exe

windows10-2004-x64

10

ad2c12e934...be.exe

windows10-2004-x64

10

c07f7b11ef...de.exe

windows10-2004-x64

10

c2b3007441...41.exe

windows10-2004-x64

10

c2c2bc25ff...d6.exe

windows7-x64

10

c2c2bc25ff...d6.exe

windows10-2004-x64

10

c8ec968939...44.exe

windows10-2004-x64

10

cfdd198480...c6.exe

windows10-2004-x64

10

e74ebb8467...40.exe

windows10-2004-x64

10

e7cf07de33...a0.exe

windows10-2004-x64

10

e8089d2898...9f.exe

windows10-2004-x64

10

f298002951...fc.exe

windows7-x64

10

f298002951...fc.exe

windows10-2004-x64

10

f9420469aa...4f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    133s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-05-2024 12:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c2c2bc25ff713469ab99ce4873da4568ff91920dd5f18365b0bccc99f89f52d6.exe

  • Size

    274KB

  • MD5

    3ba9be3d2fe5f062e851a8335aa0d915

  • SHA1

    2d07663296d6c6a02f35cea6f68ae76610c5d1ad

  • SHA256

    c2c2bc25ff713469ab99ce4873da4568ff91920dd5f18365b0bccc99f89f52d6

  • SHA512

    3021c87f5b7db7de11588a39f4c478bf09ca72aa08f4092cad768ef13d3afa6ff33efc3ec1492efe1eccf152893fc4c42001c1b9d9f20887ab92623ea87496f8

  • SSDEEP

    3072:v+6UQwD64ZrOcHDP5oGjG/rHgoHNxyRVoKKdwS5kiqD3FWoz5g3WiliiJ/+uXK50:1UPG4r1o/RLseYn5g3WiLfiTi

Score
10/10
redlineinfostealer

Malware Config

Extracted

Family

redline

C2

45.15.156.142:33597

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c2c2bc25ff713469ab99ce4873da4568ff91920dd5f18365b0bccc99f89f52d6.exe
    "C:\Users\Admin\AppData\Local\Temp\c2c2bc25ff713469ab99ce4873da4568ff91920dd5f18365b0bccc99f89f52d6.exe"
    1⤵
      PID:1784

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1784-1-0x0000000000220000-0x000000000025C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/1784-4-0x0000000000401000-0x0000000000403000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1784-5-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download