redline | 82b844c1e452640ba4bf4ef2ec6187d16673b3113af6a92ac684ca3ba6a82859 | Triage

Submit
Reports

Overview

overview

Static

static

God of War.exe

windows7_x64

God of War.exe

windows10_x64

Sharing

General

Target

God of War.exe
Size

1.2MB
Sample

220127-ltcqasafej
MD5

484c3ab4ae2795dce03be108c01ea316
SHA1

459b95db4341640c1c249bce55e74a39e256e2d4
SHA256

82b844c1e452640ba4bf4ef2ec6187d16673b3113af6a92ac684ca3ba6a82859
SHA512

956ebe3f1ddfb4aa565ccddf00184f787592b22aa548cdc82391bf1233b8ccd707aa90e6b9e73b42b28a9ddc637ca3ce79e070319445d35bcec907ae30477059

Score

10^/10

redline cheat infostealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

God of War.exe

Resource

win7-en-20211208

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

God of War.exe

Resource

win10-en-20211208

redline cheat infostealer suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

C2

5.206.227.246:80

Extracted

Family

redline

Botnet

cheat

C2

185.253.7.41:49508

Targets

- Target
  
  God of War.exe
- Size
  
  1.2MB
- MD5
  
  484c3ab4ae2795dce03be108c01ea316
- SHA1
  
  459b95db4341640c1c249bce55e74a39e256e2d4
- SHA256
  
  82b844c1e452640ba4bf4ef2ec6187d16673b3113af6a92ac684ca3ba6a82859
- SHA512
  
  956ebe3f1ddfb4aa565ccddf00184f787592b22aa548cdc82391bf1233b8ccd707aa90e6b9e73b42b28a9ddc637ca3ce79e070319445d35bcec907ae30477059
Score

10^/10

redline infostealer cheat suricata
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- suricata: ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01
  suricata: ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01
  suricata
- suricata: ET MALWARE JS/Nemucod.M.gen downloading EXE payload
  suricata: ET MALWARE JS/Nemucod.M.gen downloading EXE payload
  suricata
- Downloads MZ/PE file
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlinecheatinfostealersuricata

© 2018-2024

Terms | Privacy