redline | 63fd6bf15b0991d449174bc48825a2ccf0056e9cff75b407cbe9755241ef6a35 | Triage

Submit
Reports

Overview

overview

Static

static

ledarx.ex.exe

windows7_x64

ledarx.ex.exe

windows10_x64

Sharing

General

Target

ledarx.ex
Size

705KB
Sample

210916-talg4adgb3
MD5

1f331d518d0e425ab7642ccd638ec795
SHA1

71be2eec586f3a1dfb6971845a784ceeb049a838
SHA256

63fd6bf15b0991d449174bc48825a2ccf0056e9cff75b407cbe9755241ef6a35
SHA512

b449ca3c6410e035dfd7d45f5a37cbcdc8e4e97a8318ab36e513d7044115bcf7f23eb9dd8321f04ee04f93ff8cd626b1ec6b3913c0cd1d34eb5d0e0f80422b80

Score

10^/10

redline ruz infostealer

Static task

static1

Behavioral task

behavioral1

Sample

ledarx.ex.exe

Resource

win7-en

redline ruz infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ledarx.ex.exe

Resource

win10v20210408

redline ruz infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

RUZ

C2

sandedean.xyz:80

Targets

- Target
  
  ledarx.ex
- Size
  
  705KB
- MD5
  
  1f331d518d0e425ab7642ccd638ec795
- SHA1
  
  71be2eec586f3a1dfb6971845a784ceeb049a838
- SHA256
  
  63fd6bf15b0991d449174bc48825a2ccf0056e9cff75b407cbe9755241ef6a35
- SHA512
  
  b449ca3c6410e035dfd7d45f5a37cbcdc8e4e97a8318ab36e513d7044115bcf7f23eb9dd8321f04ee04f93ff8cd626b1ec6b3913c0cd1d34eb5d0e0f80422b80
Score

10^/10

redline ruz infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineruzinfostealer

behavioral2

redlineruzinfostealer

© 2018-2024

Terms | Privacy