General

Target: bbf6333049734115878e6b4be657504e87aa290da228477175963edfdb3a3051
Size: 482KB
Sample: 220326-kf9bnsaeg4
Score: 10/10
MD5: 36a1cc43403a58fd1e704fa35a7e4de6
SHA1: b7bcc8e43ab11bdcfae71d91acbd1895e058aea1
SHA256: bbf6333049734115878e6b4be657504e87aa290da228477175963edfdb3a3051
SHA512: 20c289d5660729bc42db81426075a17379407637f2ea1c81411249a3213d40b8ae38bd9f0f5a85ca62af6bab060b047931af4433b5febc60ba559dd9bc98c5e6

Malware Config (Extracted)

Family: redline
Botnet: 1
C2: 45.14.49.66:35200

Signatures

  • RedLine
    Description: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • RedLine Payload
  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tactics: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Tasks

  • static1: Score N/A
  • behavioral1: Score 10/10
  • behavioral2: Score 10/10