a9898d9c1520abc9310c3679d142dd7f.exe

General
Target: a9898d9c1520abc9310c3679d142dd7f.exe
Size: 693KB
Sample: 220128-ancmkadee4
Score: 10/10
MD5: a9898d9c1520abc9310c3679d142dd7f
SHA1: b0c3a45d1f2ad37fdc840553fc6638f74a38a66e
SHA256: d9213d0adeb046eda1ab1551235f3d5f4566acebe327b7e817effccf5f6d9070
SHA512: b504a3751ada33fdec8c81a38d5e168947f143a74010b0377f7edada56df893036f0b73ccb3050257cc976bbdbef3bca976b4487daee90e01890ec1400716255

Malware Config
Extracted
Family: redline
Botnet: BASICS
C2: 62.197.136.3:7766

Signatures

  • RedLine
    Description: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload

  • Suspicious use of SetThreadContext

Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10