redline | 2cbe0812081f1c8676e8fb96d9e4e08e6ac092c38982586030bd7302ed2b9a2d | Triage

Submit
Reports

Overview

overview

Static

static

637862922e...15.exe

windows7_x64

637862922e...15.exe

windows10_x64

Sharing

General

Target

637862922ea040811a79adf327863e15.exe
Size

388KB
Sample

210719-xj4cgndy9j
MD5

637862922ea040811a79adf327863e15
SHA1

cd9f3fa9a64e1f1283121c0d02ec4ecde47a4de5
SHA256

2cbe0812081f1c8676e8fb96d9e4e08e6ac092c38982586030bd7302ed2b9a2d
SHA512

b49a749fa554595b5c85ea778de056378555326cdd2c57a7c1e5d2f3e932730a6375f31247d6c8771838c7c791e097b9b83baf09578feb81b0fb3946796e9e29

Score

10^/10

redline 18_7_r infostealer

Static task

static1

Behavioral task

behavioral1

Sample

637862922ea040811a79adf327863e15.exe

Resource

win7v20210410

redline 18_7_r infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

637862922ea040811a79adf327863e15.exe

Resource

win10v20210408

redline 18_7_r infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

18_7_r

C2

xtarweanda.xyz:80

Targets

- Target
  
  637862922ea040811a79adf327863e15.exe
- Size
  
  388KB
- MD5
  
  637862922ea040811a79adf327863e15
- SHA1
  
  cd9f3fa9a64e1f1283121c0d02ec4ecde47a4de5
- SHA256
  
  2cbe0812081f1c8676e8fb96d9e4e08e6ac092c38982586030bd7302ed2b9a2d
- SHA512
  
  b49a749fa554595b5c85ea778de056378555326cdd2c57a7c1e5d2f3e932730a6375f31247d6c8771838c7c791e097b9b83baf09578feb81b0fb3946796e9e29
Score

10^/10

redline 18_7_r infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline18_7_rinfostealer

behavioral2

redline18_7_rinfostealer

© 2018-2024

Terms | Privacy