redline | c07fc52760ae33dfdea072ebb41a558effed8b99c17abf62b23262453815ddd4 | Triage

Submit
Reports

Overview

overview

Static

static

Swift.pdf.exe

windows7_x64

Swift.pdf.exe

windows10-2004_x64

Sharing

General

Target

c07fc52760ae33dfdea072ebb41a558effed8b99c17abf62b23262453815ddd4
Size

800KB
Sample

220221-mbm9rafagl
MD5

3e45aae13cc364808b3bf8e77051cd21
SHA1

fd5bc59c8d056615c03ffecd3a69684522b010c7
SHA256

c07fc52760ae33dfdea072ebb41a558effed8b99c17abf62b23262453815ddd4
SHA512

260ea11353807521bd61c61dab4297ae1997a5c4b8f2d0a43dd640fbc2f57c5afe6e92ab0ed86bde02a499e0360e90f3acb4ee2abdf1cbab3eb78822f1737a98

Score

10^/10

redline 1 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

Swift.pdf.exe

Resource

win7-en-20211208

redline 1 infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Swift.pdf.exe

Resource

win10v2004-en-20220113

redline 1 infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.147.231.74:81

Targets

- Target
  
  Swift.pdf.exe
- Size
  
  1.2MB
- MD5
  
  12bd6ccee06c7ec5762c2aecc7c3357d
- SHA1
  
  4821ff4545829ef14a14845880f35b273c2bf4b4
- SHA256
  
  85dd5d9ef955400038cae7ac32f2931c3b6966792bbfd353f14627c2261f2d9c
- SHA512
  
  c2e44bae87845b5321fac3de4fc602106914e820378d5926690f690edac7830922bfef91d6658eafb4747174d3e1060a22c9c33fc940b1c51494a8dfc20010cb
Score

10^/10

redline 1 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline1infostealer

behavioral2

redline1infostealer

© 2018-2024

Terms | Privacy