redline | 6087cbea917f0062401149be475a2d9440d00ce2a962d3be3b16f26264729233 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...02.exe

windows7_x64

SecuriteIn...02.exe

windows10-2004_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.9996
Size

1.1MB
Sample

220308-yqefyabch8
MD5

1cb79dd340381e83c85a178c8a921b36
SHA1

3e8be81d4217a38a325058666395dcb32b122474
SHA256

6087cbea917f0062401149be475a2d9440d00ce2a962d3be3b16f26264729233
SHA512

f0425436b7df637bb9b886ea6759c3b225f1368a10dbdc890b3fc6ee5b3e5472f0d7da56bcf037d709c5d1ccbfdf516a18bde975f3f9165e278c89b5ac3a3766

Score

10^/10

redline bild infostealer

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.exe

Resource

win7-20220223-en

redline bild infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.exe

Resource

win10v2004-en-20220112

redline bild infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

bild

C2

95.216.21.217:19597

Attributes

auth_value
6a86304a315cc6a978ccb33feb915de5

Targets

- Target
  
  SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.9996
- Size
  
  1.1MB
- MD5
  
  1cb79dd340381e83c85a178c8a921b36
- SHA1
  
  3e8be81d4217a38a325058666395dcb32b122474
- SHA256
  
  6087cbea917f0062401149be475a2d9440d00ce2a962d3be3b16f26264729233
- SHA512
  
  f0425436b7df637bb9b886ea6759c3b225f1368a10dbdc890b3fc6ee5b3e5472f0d7da56bcf037d709c5d1ccbfdf516a18bde975f3f9165e278c89b5ac3a3766
Score

10^/10

redline bild infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinebildinfostealer

behavioral2

redlinebildinfostealer

© 2018-2024

Terms | Privacy