Overview

overview

10

Static

static

10

build.exe

windows10-1703-x64

10

build.exe

windows7-x64

10

build.exe

windows10-2004-x64

10

build.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    134s
  • max time network
    152s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    25-05-2024 13:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    build.exe

  • Size

    300KB

  • MD5

    79f58d9e5c31290d1005b8ed75c2b8b2

  • SHA1

    bc36dfa1fde40a857fa61829c8d4772674e9d90e

  • SHA256

    bb49165d542ebd7a63c727fcb01fc32a77fa319beb4f2d265a5936619f89bea5

  • SHA512

    219df5b014e32df266c6673c1b2248898723496ac18881d3498ee945f242faab30a4e98feb70b22222affa31c43d1d7b1c9917091963091911b916cde0ec3c04

  • SSDEEP

    3072:ecZqf7D347p/0+mAKky4fUQIgdPB1fA0PuTVAtkxze3RweqiOL2bBOA:ecZqf7DIlnPPtB1fA0GTV8kEQL

Score
10/10
redlinetestinfostealer

Malware Config

Extracted

Family

redline

Botnet

test

C2

172.22.236.166:1912

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\build.exe
    "C:\Users\Admin\AppData\Local\Temp\build.exe"
    1⤵
      PID:4624

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4624-0-0x00000000731BE000-0x00000000731BF000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4624-1-0x0000000000610000-0x0000000000662000-memory.dmp

      Filesize

      328KB

      Download

    • memory/4624-2-0x0000000005320000-0x000000000581E000-memory.dmp

      Filesize

      5.0MB

      Download

    • memory/4624-3-0x0000000004EC0000-0x0000000004F52000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4624-4-0x0000000005050000-0x000000000505A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/4624-5-0x00000000731B0000-0x000000007389E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/4624-6-0x00000000062B0000-0x00000000068B6000-memory.dmp

      Filesize

      6.0MB

      Download

    • memory/4624-7-0x0000000007B10000-0x0000000007C1A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/4624-8-0x0000000007A20000-0x0000000007A32000-memory.dmp

      Filesize

      72KB

      Download

    • memory/4624-9-0x0000000007A80000-0x0000000007ABE000-memory.dmp

      Filesize

      248KB

      Download

    • memory/4624-10-0x0000000007AC0000-0x0000000007B0B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/4624-11-0x00000000731BE000-0x00000000731BF000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4624-12-0x00000000731B0000-0x000000007389E000-memory.dmp

      Filesize

      6.9MB

      Download