redline | 4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
Size

655KB
Sample

211109-rdjrkacdfq
MD5

7b8ff8330de56d82144f559512ef59cd
SHA1

791902ec9541ae39a06cf57885b16d13d4146cdc
SHA256

4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
SHA512

2edc7b2650ad26abf5af4165e5ac2392a0e992737c80c528844689fde6a49d21428079c8eb877b5b504ae97ed0496517c6c47ca6c4db838058849c3aef8d9c66

Score

10^/10

redline 09.11 infostealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9.exe

Resource

win10-en-20211104

redline 09.11 infostealer suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

09.11

C2

185.215.113.17:7700

Targets

- Target
  
  4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
- Size
  
  655KB
- MD5
  
  7b8ff8330de56d82144f559512ef59cd
- SHA1
  
  791902ec9541ae39a06cf57885b16d13d4146cdc
- SHA256
  
  4d8309e61b643087a4e16416bc5be07330a82fdf7e8e6b81baa2656fd9ba58e9
- SHA512
  
  2edc7b2650ad26abf5af4165e5ac2392a0e992737c80c528844689fde6a49d21428079c8eb877b5b504ae97ed0496517c6c47ca6c4db838058849c3aef8d9c66
Score

10^/10

redline 09.11 infostealer suricata
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
  suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger
  suricata
- suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

redline09.11infostealersuricata

© 2018-2024

Terms | Privacy