General

  • Target: efd360b2356c73705b720b6a75fb5376.exe
  • Size: 1.1MB
  • Sample: 201214-nmj3q8rxta
  • MD5: efd360b2356c73705b720b6a75fb5376
  • SHA1: 6bf80e400bad4ad4755c2d6cfb987dc3a999316a
  • SHA256: 5637daf1b0a5e312bf2118b89083c186fa32f074a12006ef7df0e49ce51f40c1
  • SHA512: d7c9624c1715b70528d5e54a0f3281c4a9d2c0ac15230401cd12b976df4108c65364f274d42b5f8389ba1361b7ae12c9460630cccc47b32b1098bc64722e47fa

Score: 10/10

Malware Config

Targets

    • RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine Payload
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks