extremeinjectorv3.7.2.exe

General
Target

extremeinjectorv3.7.2.exe

Size

1018KB

Sample

210403-8j7qxf1122

Score
10 /10
MD5

89a392f9f9724a91263257a46d48daa9

SHA1

1d172b4b0188a5215f5a0666564ce092fd08833b

SHA256

6cb286357b8a941afc3a992394e5d44ad00a8410593b182f962619ef506c835e

SHA512

eb158d2f28d91ac3a8e90003c45041660f6be5b3c25bfa9bb8243e15a7cdd29f8ec90463cf1810371485dc7199c334b93bcf72f9f7a1d25b02bdadb9fb0467dd

Malware Config

Extracted

Family redline
Botnet @DOMEN777
C2

87.251.71.211:80

Targets
Target

extremeinjectorv3.7.2.exe

MD5

89a392f9f9724a91263257a46d48daa9

Filesize

1018KB

Score
10 /10
SHA1

1d172b4b0188a5215f5a0666564ce092fd08833b

SHA256

6cb286357b8a941afc3a992394e5d44ad00a8410593b182f962619ef506c835e

SHA512

eb158d2f28d91ac3a8e90003c45041660f6be5b3c25bfa9bb8243e15a7cdd29f8ec90463cf1810371485dc7199c334b93bcf72f9f7a1d25b02bdadb9fb0467dd

Tags

Signatures

  • RedLine

    Description

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    Tags

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Discovery
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                      Privilege Escalation
                        Tasks

                        static1

                        behavioral1

                        10/10

                        behavioral2

                        10/10