redline | 57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d | Triage

Submit
Reports

Overview

overview

Static

static

57f0a9ff85...3d.exe

windows7_x64

1

57f0a9ff85...3d.exe

windows10-2004_x64

Sharing

General

Target

57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d
Size

787KB
Sample

220319-l129jafdgl
MD5

51abbeb64421102bb90f4505f4d5a22e
SHA1

3d22e24ae28a6eb2da2963c0567f79728d3c6964
SHA256

57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d
SHA512

c819e0dcdfac39a4e8f1774e73f130d84c10b9f9b5665bb8b640496a3599b7bfc0e3556503761ce1290fa0513cb199d3bf66d96309235288e7a4d063ca8295d3

Score

10^/10

redline 2 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d.exe

Resource

win7-20220310-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d.exe

Resource

win10v2004-en-20220113

redline 2 infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

2

C2

188.119.112.224:2581

Targets

- Target
  
  57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d
- Size
  
  787KB
- MD5
  
  51abbeb64421102bb90f4505f4d5a22e
- SHA1
  
  3d22e24ae28a6eb2da2963c0567f79728d3c6964
- SHA256
  
  57f0a9ff858a43eaed35ec6b5c8f71e67ad1bacf6edab26fda9f5fedc2847f3d
- SHA512
  
  c819e0dcdfac39a4e8f1774e73f130d84c10b9f9b5665bb8b640496a3599b7bfc0e3556503761ce1290fa0513cb199d3bf66d96309235288e7a4d063ca8295d3
Score

10^/10

redline 2 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

redline2infostealer

© 2018-2024

Terms | Privacy