redline | a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f
Size

473KB
Sample

211216-qm8xdacbf3
MD5

67152b967be7058c9d7bc02353b342eb
SHA1

38b63764e9be58180353cbb206f13a6668bcb9d4
SHA256

a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f
SHA512

87abe65d91fd7724bbd15a1008658ccf54a350370c107b2f69f42f6b105a4d0d54ff1adcf2e34a1988cd71f51a1710328d4a16cbfbf6b0fc567e51aeee1322ab

Score

10^/10

redline siski infostealer

Static task

static1

Behavioral task

behavioral1

Sample

a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f.exe

Resource

win10-en-20211208

redline siski infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

Siski

C2

109.248.201.17:34060

Targets

- Target
  
  a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f
- Size
  
  473KB
- MD5
  
  67152b967be7058c9d7bc02353b342eb
- SHA1
  
  38b63764e9be58180353cbb206f13a6668bcb9d4
- SHA256
  
  a17209b819a454f90054a6de229f948177b1e421f1bd2c17d5633d64bc412c5f
- SHA512
  
  87abe65d91fd7724bbd15a1008658ccf54a350370c107b2f69f42f6b105a4d0d54ff1adcf2e34a1988cd71f51a1710328d4a16cbfbf6b0fc567e51aeee1322ab
Score

10^/10

redline siski infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesiskiinfostealer

© 2018-2024

Terms | Privacy