redline | b8e902d0a3a533b5a9f495f58c69692ae79917fbf9fa7829a9c52d4012e7a060 | Triage

Submit
Reports

Overview

overview

Static

static

E2D959B367...CF.exe

windows7_x64

E2D959B367...CF.exe

windows10_x64

Sharing

General

Target

E2D959B36754B37727EF0C54B11EF3CF.exe
Size

606KB
Sample

210826-rmwc92h57x
MD5

e2d959b36754b37727ef0c54b11ef3cf
SHA1

fffc93eec7deeda7d17ab729f89d4c5e01d781cf
SHA256

b8e902d0a3a533b5a9f495f58c69692ae79917fbf9fa7829a9c52d4012e7a060
SHA512

9a1b180bdba8fa4d0e4c8e9e3417653278d531811ac4cfe89ad988690e006bbb531824d4c1b5c94b07b1f7f98fa47d6b8a5c64a1be2818084e60e25c2b45c807

Score

10^/10

redline nanani infostealer

Static task

static1

Behavioral task

behavioral1

Sample

E2D959B36754B37727EF0C54B11EF3CF.exe

Resource

win7v20210408

redline nanani infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

E2D959B36754B37727EF0C54B11EF3CF.exe

Resource

win10v20210410

redline nanani infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

NANani

C2

87.251.71.14:89

Targets

- Target
  
  E2D959B36754B37727EF0C54B11EF3CF.exe
- Size
  
  606KB
- MD5
  
  e2d959b36754b37727ef0c54b11ef3cf
- SHA1
  
  fffc93eec7deeda7d17ab729f89d4c5e01d781cf
- SHA256
  
  b8e902d0a3a533b5a9f495f58c69692ae79917fbf9fa7829a9c52d4012e7a060
- SHA512
  
  9a1b180bdba8fa4d0e4c8e9e3417653278d531811ac4cfe89ad988690e006bbb531824d4c1b5c94b07b1f7f98fa47d6b8a5c64a1be2818084e60e25c2b45c807
Score

10^/10

redline nanani infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinenananiinfostealer

behavioral2

redlinenananiinfostealer

© 2018-2024

Terms | Privacy