Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
10-12-2024 02:46
General
-
Target
64c6de02e5547ed85076d8657ed2e4ea56d481adaf16881081752fb4339a3647.exe
-
Size
223KB
-
MD5
60031f413c1e9f1191a6c08c4802532c
-
SHA1
d3aaf73f73bc6e92c96a39c8fa1d1ec3878fd92c
-
SHA256
64c6de02e5547ed85076d8657ed2e4ea56d481adaf16881081752fb4339a3647
-
SHA512
6354b0cde7204fe51079c98ec88482ccf5c600df69987c68d21e155b45be90e2719918aa9458f298329fa04a2264e38951a2d839e321664be70021ff49ee78a3
-
SSDEEP
3072:SF+DN7amVZujgOWHQ34eTIOzbqe65cDaDUAYTinVkkE6QpuRr8vD2:E+57amV8gvw9jbqViDlTijy0rsD2
Score
10/10
Malware Config
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload 1 IoCs
-
Redline family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\64c6de02e5547ed85076d8657ed2e4ea56d481adaf16881081752fb4339a3647.exe"C:\Users\Admin\AppData\Local\Temp\64c6de02e5547ed85076d8657ed2e4ea56d481adaf16881081752fb4339a3647.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
192KB
-
Filesize
6.9MB
-
Filesize
4KB
-
Filesize
6.9MB