General

Target: f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf.exe
Size: 378KB
Sample: 210519-4v4jtnth7x
Score: 10/10
MD5: 988a04b95560cf988b7cfa0daa3089ae
SHA1: fd19469731f19ca0d7ea13c13f9a8ad4c22c0bde
SHA256: f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf23ffef5c0a982e0f1d1
SHA512: e6c0207d708a985c7cd152a7712f69a607cd31b94a937d01fcf3c8087f8436ddcb011dac3704a0cfa0a41f80b807b93b4cbdf11cebfc02270e6d307ff6dadf29

Malware Config

Extracted
Family: redline
Botnet: 121212
C2: 168.119.241.77:60932

Targets

Target: f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf.exe

Tags

Signatures

  • RedLine
    Description: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    Tags
  • RedLine Payload
  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix

Collection | Command and Control | Credential Access | Defense Evasion | Discovery | Execution | Exfiltration | Impact | Initial Access | Lateral Movement | Persistence | Privilege Escalation
Tasks

  • static1: Score N/A
  • behavioral1: Score 10/10
  • behavioral2: Score 10/10