redline | aa0b78eec724b44accdd3d1d0bd7f6b775664acb4333328269c4cf6f4dd190f8 | Triage

Submit
Reports

Overview

overview

Static

static

65360019.exe

windows7_x64

65360019.exe

windows10-2004_x64

Sharing

General

Target

65360019.exe
Size

4.6MB
Sample

220323-fe5jwafdg5
MD5

8daaa6e60c0c7287492aabf5614967ca
SHA1

bc63fc6924c57b09d310288cca7eecda6c64a0b7
SHA256

aa0b78eec724b44accdd3d1d0bd7f6b775664acb4333328269c4cf6f4dd190f8
SHA512

ba72f9f44aff4bd0ec34df893f81ba60a6aff935c167765964a88b902c887b0be62b9a75acf25ab0f3a4c3b4de59055c540820a71e22eebd9bef3a8b86fbd6b7

Score

10^/10

redline @jabka9983 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

65360019.exe

Resource

win7-20220310-en

redline @jabka9983 infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

65360019.exe

Resource

win10v2004-20220310-en

redline @jabka9983 infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

@JABKA9983

C2

95.214.8.54:25565

Attributes

auth_value
6da5168841968f263b7c520ddc0c88b3

Targets

- Target
  
  65360019.exe
- Size
  
  4.6MB
- MD5
  
  8daaa6e60c0c7287492aabf5614967ca
- SHA1
  
  bc63fc6924c57b09d310288cca7eecda6c64a0b7
- SHA256
  
  aa0b78eec724b44accdd3d1d0bd7f6b775664acb4333328269c4cf6f4dd190f8
- SHA512
  
  ba72f9f44aff4bd0ec34df893f81ba60a6aff935c167765964a88b902c887b0be62b9a75acf25ab0f3a4c3b4de59055c540820a71e22eebd9bef3a8b86fbd6b7
Score

10^/10

redline @jabka9983 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline@jabka9983infostealer

behavioral2

redline@jabka9983infostealer

© 2018-2024

Terms | Privacy