redline | 1176b04e2fafb75121c0123af0056d080ef97bf98f4fef47ffd7a48d55910db8 | Triage

Submit
Reports

Overview

overview

Static

static

88600217.exe

windows7_x64

88600217.exe

windows10-2004_x64

Sharing

General

Target

88600217.exe
Size

4.6MB
Sample

220323-z8f8xsage7
MD5

42c773c233daa41deb6cd9aaa3265a1f
SHA1

3178217f4cb7cbd95a6f286717800a8a48bb4fd7
SHA256

1176b04e2fafb75121c0123af0056d080ef97bf98f4fef47ffd7a48d55910db8
SHA512

bae421dc2ba0fb0b99b2f2155e16a575ba3299ef9f341b6110af95dfda8caf6e3c8dc36f182fd14f17adacc59eee160c655244b7e44ace6d9df043b130617071

Score

10^/10

redline @zhilsholi infostealer

Static task

static1

Behavioral task

behavioral1

Sample

88600217.exe

Resource

win7-20220311-en

redline @zhilsholi infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

88600217.exe

Resource

win10v2004-en-20220113

redline @zhilsholi infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

@zhilsholi

C2

yabynennet.xyz:81

Attributes

auth_value
c2d0b7a2ede97b91495c99e75b4f27fb

Targets

- Target
  
  88600217.exe
- Size
  
  4.6MB
- MD5
  
  42c773c233daa41deb6cd9aaa3265a1f
- SHA1
  
  3178217f4cb7cbd95a6f286717800a8a48bb4fd7
- SHA256
  
  1176b04e2fafb75121c0123af0056d080ef97bf98f4fef47ffd7a48d55910db8
- SHA512
  
  bae421dc2ba0fb0b99b2f2155e16a575ba3299ef9f341b6110af95dfda8caf6e3c8dc36f182fd14f17adacc59eee160c655244b7e44ace6d9df043b130617071
Score

10^/10

redline @zhilsholi infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline@zhilsholiinfostealer

behavioral2

redline@zhilsholiinfostealer

© 2018-2024

Terms | Privacy