Overview
overview
10Static
static
3Inject.rar
windows7-x64
10Inject.rar
windows10-2004-x64
3Inject/Inject.exe
windows7-x64
10Inject/Inject.exe
windows10-2004-x64
10Inject/_in...40.dll
windows7-x64
1Inject/_in...40.dll
windows10-2004-x64
1Inject/_in...z2.dll
windows7-x64
1Inject/_in...z2.dll
windows10-2004-x64
1Inject/_in...es.dll
windows7-x64
1Inject/_in...es.dll
windows10-2004-x64
1Inject/_in...al.dll
windows7-x64
1Inject/_in...al.dll
windows10-2004-x64
1Inject/_in...ib.dll
windows7-x64
1Inject/_in...ib.dll
windows10-2004-x64
1Inject/_in...ma.dll
windows7-x64
1Inject/_in...ma.dll
windows10-2004-x64
1Inject/_in...et.dll
windows7-x64
1Inject/_in...et.dll
windows10-2004-x64
1Inject/_in...ry.zip
windows7-x64
1Inject/_in...ry.zip
windows10-2004-x64
1Inject/_in..._1.dll
windows7-x64
1Inject/_in..._1.dll
windows10-2004-x64
1Inject/_in...-7.dll
windows7-x64
1Inject/_in...-7.dll
windows10-2004-x64
1Inject/_in...39.dll
windows7-x64
1Inject/_in...39.dll
windows10-2004-x64
1Inject/_in...ct.dll
windows7-x64
1Inject/_in...ct.dll
windows10-2004-x64
1Inject/_in...ta.dll
windows7-x64
1Inject/_in...ta.dll
windows10-2004-x64
1Analysis
-
max time kernel
150s -
max time network
155s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
25-05-2024 17:34
Static task
static1
Behavioral task
behavioral1
Sample
Inject.rar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Inject.rar
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
Inject/Inject.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
Inject/Inject.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
Inject/_internal/VCRUNTIME140.dll
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
Inject/_internal/VCRUNTIME140.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
Inject/_internal/_bz2.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
Inject/_internal/_bz2.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
Inject/_internal/_ctypes.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
Inject/_internal/_ctypes.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
Inject/_internal/_decimal.dll
Resource
win7-20240419-en
Behavioral task
behavioral12
Sample
Inject/_internal/_decimal.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
Inject/_internal/_hashlib.dll
Resource
win7-20240215-en
Behavioral task
behavioral14
Sample
Inject/_internal/_hashlib.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
Inject/_internal/_lzma.dll
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
Inject/_internal/_lzma.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
Inject/_internal/_socket.dll
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
Inject/_internal/_socket.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
Inject/_internal/base_library.zip
Resource
win7-20231129-en
Behavioral task
behavioral20
Sample
Inject/_internal/base_library.zip
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
Inject/_internal/libcrypto-1_1.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
Inject/_internal/libcrypto-1_1.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
Inject/_internal/libffi-7.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
Inject/_internal/libffi-7.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
Inject/_internal/python39.dll
Resource
win7-20240508-en
Behavioral task
behavioral26
Sample
Inject/_internal/python39.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
Inject/_internal/select.dll
Resource
win7-20240215-en
Behavioral task
behavioral28
Sample
Inject/_internal/select.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
Inject/_internal/unicodedata.dll
Resource
win7-20240220-en
Behavioral task
behavioral30
Sample
Inject/_internal/unicodedata.dll
Resource
win10v2004-20240508-en
General
-
Target
Inject/Inject.exe
-
Size
10.0MB
-
MD5
5c02826d4b0ee2ba6f50a9fef4f31281
-
SHA1
57adb9017811b37fe756093c9b7c61181ef2fe8b
-
SHA256
8ecd9f59a8ddd6a3d3e520fafb41ff63cbe36f881dd250b50b7f9212a6bbac57
-
SHA512
823b8fe1626bc1bb76c6a78711a9135ca7ca4ca353646d23d27d0b409d10712f0d348de7b7cd3bb49f77b240d5e3f1c7d2379c6fd4688cc7e00e242228ae8183
-
SSDEEP
3072:dTbNi8i4NfbYSgmdy6rWN1cHa7UCBR/QmGTyxKcvy55b0hOY0AROlRO6M98M2Uz:bv+8SWCkusb0hOY0AROlRO6MzHOwpFK
Malware Config
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload 2 IoCs
Processes:
resource yara_rule behavioral3/memory/2820-0-0x0000000000220000-0x0000000000248000-memory.dmp family_redline behavioral3/memory/2820-5-0x0000000000400000-0x0000000000446000-memory.dmp family_redline