Overview

overview

10

Static

static

3

c77f804eeb...cs.exe

windows7-x64

10

c77f804eeb...cs.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-05-2024 14:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c77f804eeb098929ca50c7885672cc80_NeikiAnalytics.exe

  • Size

    272KB

  • MD5

    c77f804eeb098929ca50c7885672cc80

  • SHA1

    c666548c24ba8751356873af00c4136517060ee8

  • SHA256

    2b0e6da498576f68dc1b7d15ae01f3a85a79fc60c9e87c0cba6ed809cce25392

  • SHA512

    dd9514577b973b7079b53270b56168d37f8de6830e135fdf913d81de27d72ebe0bbaa7da95646a2bad75b4c4c6241b6980eaa02a4f472f8af1218ee22157d2b2

  • SSDEEP

    6144:uXariX2WQ0FKHgKNRBH13TLxNP9T0x+SRMk:u6iTQzgMLxNFYv

Score
10/10
redlinefurgainfostealer

Malware Config

Extracted

Family

redline

Botnet

furga

C2

83.97.73.128:19071

Attributes
  • auth_value

    1b7af6db7a79a3475798fcf494818be7

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c77f804eeb098929ca50c7885672cc80_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\c77f804eeb098929ca50c7885672cc80_NeikiAnalytics.exe"
    1⤵
      PID:3568

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3568-0-0x0000000000401000-0x0000000000404000-memory.dmp
      Filesize

      12KB

      Download
    • memory/3568-1-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3568-5-0x0000000000400000-0x0000000000448000-memory.dmp
      Filesize

      288KB

      Download
    • memory/3568-6-0x0000000004920000-0x0000000004926000-memory.dmp
      Filesize

      24KB

      Download
    • memory/3568-7-0x0000000009E10000-0x000000000A428000-memory.dmp
      Filesize

      6.1MB

      Download
    • memory/3568-8-0x000000000A4C0000-0x000000000A5CA000-memory.dmp
      Filesize

      1.0MB

      Download
    • memory/3568-9-0x000000000A600000-0x000000000A612000-memory.dmp
      Filesize

      72KB

      Download
    • memory/3568-10-0x000000000A620000-0x000000000A65C000-memory.dmp
      Filesize

      240KB

      Download
    • memory/3568-11-0x0000000000B50000-0x0000000000B9C000-memory.dmp
      Filesize

      304KB

      Download