redline | 7ca61d0c6da0befe6f8dcb57e761d655eaf524c6266425bbf18fcc5a02351f32 | Triage

Submit
Reports

Overview

overview

Static

static

usfive_202...55.exe

windows7_x64

usfive_202...55.exe

windows10_x64

Sharing

General

Target

usfive_20210923-211555
Size

129KB
Sample

210926-nzesysegbk
MD5

f3ece1fccde488f4b34e2e6d8acf8bc6
SHA1

b2388fd305a16419830d2a1f77bd06aeb163a570
SHA256

7ca61d0c6da0befe6f8dcb57e761d655eaf524c6266425bbf18fcc5a02351f32
SHA512

1433bf9963c9092e93bf16ea565596b9b0878c71bc477de8ab6d1c725c099a00467063339271f82ab151f62377701332e076688abb379215124d9be7b8d73939

Score

10^/10

redline raketa infostealer

Static task

static1

Behavioral task

behavioral1

Sample

usfive_20210923-211555.exe

Resource

win7-en-20210920

redline raketa infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

usfive_20210923-211555.exe

Resource

win10v20210408

redline raketa infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

raketa

C2

45.144.29.94:61419

Targets

- Target
  
  usfive_20210923-211555
- Size
  
  129KB
- MD5
  
  f3ece1fccde488f4b34e2e6d8acf8bc6
- SHA1
  
  b2388fd305a16419830d2a1f77bd06aeb163a570
- SHA256
  
  7ca61d0c6da0befe6f8dcb57e761d655eaf524c6266425bbf18fcc5a02351f32
- SHA512
  
  1433bf9963c9092e93bf16ea565596b9b0878c71bc477de8ab6d1c725c099a00467063339271f82ab151f62377701332e076688abb379215124d9be7b8d73939
Score

10^/10

redline raketa infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineraketainfostealer

behavioral2

redlineraketainfostealer

© 2018-2024

Terms | Privacy