redline | 6c2fc47191c17a3bef2060481ca8c058336ad27c731b245212364c132081fc2a | Triage

Submit
Reports

Overview

overview

Static

static

be5006a529...8b.exe

windows7_x64

be5006a529...8b.exe

windows10_x64

Sharing

General

Target

be5006a529a06f16a268bdb477d8878b
Size

431KB
Sample

210926-vs48lafbf6
MD5

be5006a529a06f16a268bdb477d8878b
SHA1

7763f470338bf5556cd3f23c3ecababfcd5dd9b1
SHA256

6c2fc47191c17a3bef2060481ca8c058336ad27c731b245212364c132081fc2a
SHA512

1a80b6018c4ff565d3af3c76eca56fa0aa68cebcdb2affc2793dbdfc8d779a90aaf7f79b25b4b8f1918b4e2f43eb7dd47ad30e4ef06dc7126e26831b34cf9cd4

Score

10^/10

redline felix2009 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

be5006a529a06f16a268bdb477d8878b.exe

Resource

win7v20210408

redline felix2009 infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

be5006a529a06f16a268bdb477d8878b.exe

Resource

win10-en-20210920

redline felix2009 infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

felix2009

C2

213.166.69.181:64650

Targets

- Target
  
  be5006a529a06f16a268bdb477d8878b
- Size
  
  431KB
- MD5
  
  be5006a529a06f16a268bdb477d8878b
- SHA1
  
  7763f470338bf5556cd3f23c3ecababfcd5dd9b1
- SHA256
  
  6c2fc47191c17a3bef2060481ca8c058336ad27c731b245212364c132081fc2a
- SHA512
  
  1a80b6018c4ff565d3af3c76eca56fa0aa68cebcdb2affc2793dbdfc8d779a90aaf7f79b25b4b8f1918b4e2f43eb7dd47ad30e4ef06dc7126e26831b34cf9cd4
Score

10^/10

redline felix2009 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinefelix2009infostealer

behavioral2

redlinefelix2009infostealer

© 2018-2024

Terms | Privacy