Overview

overview

10

Static

static

610c668380...b3.exe

windows7_x64

10

610c668380...b3.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    610c668380bad93964320bea5957b4c08861e277abc78230a770ad45194905b3

  • Size

    715KB

  • Sample

    220215-tmn4raaahk

  • MD5

    4da64a00d7ff89c04d675f50c32ee458

  • SHA1

    505f39f4039bf5cba0009ea7b7d856f57d31a592

  • SHA256

    610c668380bad93964320bea5957b4c08861e277abc78230a770ad45194905b3

  • SHA512

    d38b6c1aea8763bdfc4e5cbaab8d65a74cf3bdf4d4230efc7005416a58f83742df46b213b91a83967aeb6d9dfccaa038adbf6001569e520b26373fa8f00ab9f4

Score
10/10
redlinenew1infostealer

Malware Config

Extracted

Family

redline

Botnet

new1

C2

185.180.220.105:11915

Targets

    • Target

      610c668380bad93964320bea5957b4c08861e277abc78230a770ad45194905b3

    • Size

      715KB

    • MD5

      4da64a00d7ff89c04d675f50c32ee458

    • SHA1

      505f39f4039bf5cba0009ea7b7d856f57d31a592

    • SHA256

      610c668380bad93964320bea5957b4c08861e277abc78230a770ad45194905b3

    • SHA512

      d38b6c1aea8763bdfc4e5cbaab8d65a74cf3bdf4d4230efc7005416a58f83742df46b213b91a83967aeb6d9dfccaa038adbf6001569e520b26373fa8f00ab9f4

    Score
    10/10
    redlinenew1infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks