Overview

overview

10

Static

static

f38d0cb23b...cf.exe

windows7_x64

10

f38d0cb23b...cf.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf.exe

  • Size

    378KB

  • Sample

    210519-4v4jtnth7x

  • MD5

    988a04b95560cf988b7cfa0daa3089ae

  • SHA1

    fd19469731f19ca0d7ea13c13f9a8ad4c22c0bde

  • SHA256

    f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf23ffef5c0a982e0f1d1

  • SHA512

    e6c0207d708a985c7cd152a7712f69a607cd31b94a937d01fcf3c8087f8436ddcb011dac3704a0cfa0a41f80b807b93b4cbdf11cebfc02270e6d307ff6dadf29

Score
10/10
redline121212infostealer

Malware Config

Extracted

Family

redline

Botnet

121212

C2

168.119.241.77:60932

Targets

    • Target

      f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf.exe

    • Size

      378KB

    • MD5

      988a04b95560cf988b7cfa0daa3089ae

    • SHA1

      fd19469731f19ca0d7ea13c13f9a8ad4c22c0bde

    • SHA256

      f38d0cb23b83e4dccb0ae0016b5c94156a93f1c7dfdcf23ffef5c0a982e0f1d1

    • SHA512

      e6c0207d708a985c7cd152a7712f69a607cd31b94a937d01fcf3c8087f8436ddcb011dac3704a0cfa0a41f80b807b93b4cbdf11cebfc02270e6d307ff6dadf29

    Score
    10/10
    redline121212infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks