redline | b56f3ef36c1a05d0bc5b28b9bc7e38a5f8d8ff49c05fab2c686976fd195f73fa

Analysis

max time kernel
150s
max time network
155s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25-05-2024 17:34

Target

Inject/Inject.exe
Size

10.0MB
MD5

5c02826d4b0ee2ba6f50a9fef4f31281
SHA1

57adb9017811b37fe756093c9b7c61181ef2fe8b
SHA256

8ecd9f59a8ddd6a3d3e520fafb41ff63cbe36f881dd250b50b7f9212a6bbac57
SHA512

823b8fe1626bc1bb76c6a78711a9135ca7ca4ca353646d23d27d0b409d10712f0d348de7b7cd3bb49f77b240d5e3f1c7d2379c6fd4688cc7e00e242228ae8183
SSDEEP

3072:dTbNi8i4NfbYSgmdy6rWN1cHa7UCBR/QmGTyxKcvy55b0hOY0AROlRO6M98M2Uz:bv+8SWCkusb0hOY0AROlRO6MzHOwpFK

Score

10^/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

RedLine payload 2 IoCs

Processes:

resource	yara_rule
behavioral3/memory/2820-0-0x0000000000220000-0x0000000000248000-memory.dmp	family_redline
behavioral3/memory/2820-5-0x0000000000400000-0x0000000000446000-memory.dmp	family_redline

C:\Users\Admin\AppData\Local\Temp\Inject\Inject.exe
"C:\Users\Admin\AppData\Local\Temp\Inject\Inject.exe"
1⤵
PID:2820

memory/2820-4-0x0000000000401000-0x0000000000403000-memory.dmp

Filesize
8KB

Download
memory/2820-0-0x0000000000220000-0x0000000000248000-memory.dmp

Filesize
160KB

Download
memory/2820-5-0x0000000000400000-0x0000000000446000-memory.dmp

Filesize
280KB

Download