redline | e82b6a388c857c85725c43648a57f6ba037f961f7786a721a1bbdade6e86dda3 | Triage

Submit
Reports

Overview

overview

Static

static

5d270754f0...89.exe

windows7_x64

5d270754f0...89.exe

windows10_x64

Sharing

General

Target

5d270754f01dc386e2fd92d17b712089
Size

432KB
Sample

210919-tgryfscbe5
MD5

5d270754f01dc386e2fd92d17b712089
SHA1

54f3dfbd240c1d386b5dcdf40c992fbe5ec6c54a
SHA256

e82b6a388c857c85725c43648a57f6ba037f961f7786a721a1bbdade6e86dda3
SHA512

113e1fa970cfa8ac3d4c97e7c3cfdc09aa6031e24666fbf819702e652ef610cfc7b900aca30bf2810c388c8ab77978394c0344f16395957bea406de1ae1c72cb

Score

10^/10

redline matthew14 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

5d270754f01dc386e2fd92d17b712089.exe

Resource

win7v20210408

redline matthew14 infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5d270754f01dc386e2fd92d17b712089.exe

Resource

win10v20210408

redline matthew14 infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

matthew14

C2

193.188.21.209:41939

Targets

- Target
  
  5d270754f01dc386e2fd92d17b712089
- Size
  
  432KB
- MD5
  
  5d270754f01dc386e2fd92d17b712089
- SHA1
  
  54f3dfbd240c1d386b5dcdf40c992fbe5ec6c54a
- SHA256
  
  e82b6a388c857c85725c43648a57f6ba037f961f7786a721a1bbdade6e86dda3
- SHA512
  
  113e1fa970cfa8ac3d4c97e7c3cfdc09aa6031e24666fbf819702e652ef610cfc7b900aca30bf2810c388c8ab77978394c0344f16395957bea406de1ae1c72cb
Score

10^/10

redline matthew14 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinematthew14infostealer

behavioral2

redlinematthew14infostealer

© 2018-2024

Terms | Privacy