Overview

overview

10

Static

static

9994d03fc6...f3.exe

windows7_x64

10

9994d03fc6...f3.exe

windows10-2004_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9994d03fc6c3694b798b09b5353499fff3ee0725c3284eb7d37be85ef57566f3

  • Size

    298KB

  • Sample

    220215-jp1kfscdh8

  • MD5

    1676e95a1ed00185ae6f7543c09ab970

  • SHA1

    4b6b01e119762ed7e205f278bc235311021252de

  • SHA256

    9994d03fc6c3694b798b09b5353499fff3ee0725c3284eb7d37be85ef57566f3

  • SHA512

    20e8de99910ccf8a9a559b75936d5fd4ac0d4ca2a0152050d264653d4c4b42c49e90b1a54acd85f23e04b4675bcc414db3546826019aec727aa65e86ab92ba48

Score
10/10
redlinetestbest1infostealer

Malware Config

Extracted

Family

redline

Botnet

TestBest1

C2

188.227.87.7:10234

Attributes
  • auth_value

    d73ae4ccf10288d66b7ba44724de00ab

Targets

    • Target

      9994d03fc6c3694b798b09b5353499fff3ee0725c3284eb7d37be85ef57566f3

    • Size

      298KB

    • MD5

      1676e95a1ed00185ae6f7543c09ab970

    • SHA1

      4b6b01e119762ed7e205f278bc235311021252de

    • SHA256

      9994d03fc6c3694b798b09b5353499fff3ee0725c3284eb7d37be85ef57566f3

    • SHA512

      20e8de99910ccf8a9a559b75936d5fd4ac0d4ca2a0152050d264653d4c4b42c49e90b1a54acd85f23e04b4675bcc414db3546826019aec727aa65e86ab92ba48

    Score
    10/10
    redlinetestbest1infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks