metastealer | d90a676155980ede43b02a6d9f7d793a138dac32157b40b7b567b76a5eb581c8 | Triage

Submit
Reports

Overview

overview

Static

static

Discord Ni...or.exe

windows10_x64

Discord Ni...or.exe

windows10-2004_x64

Sharing

General

Target

Discord Nitro Generator.exe
Size

1.8MB
Sample

220414-r5228adbbk
MD5

c28de7f93469b90ca01ebb61f06abb83
SHA1

06fd9ae38aba81c5e1d0d35c25ee595d7b42ec67
SHA256

d90a676155980ede43b02a6d9f7d793a138dac32157b40b7b567b76a5eb581c8
SHA512

046c052842f3c33b535378997f03f07f7bbcab7e127b2c8d6aa452b84f8090c9954febc71d42b97daf496745b4e6de2a4b368bf316351ea3af3b9cba6b4aa014

Score

10^/10

metastealer redline 1135890973 infostealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

Discord Nitro Generator.exe

Resource

win10-20220331-en

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Discord Nitro Generator.exe

Resource

win10v2004-en-20220113

metastealer redline 1135890973 infostealer stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

1135890973

C2

37.1.213.9:17292

Attributes

auth_value
1c94da41d44c0642760a7ba23cfb6d24

Targets

- Target
  
  Discord Nitro Generator.exe
- Size
  
  1.8MB
- MD5
  
  c28de7f93469b90ca01ebb61f06abb83
- SHA1
  
  06fd9ae38aba81c5e1d0d35c25ee595d7b42ec67
- SHA256
  
  d90a676155980ede43b02a6d9f7d793a138dac32157b40b7b567b76a5eb581c8
- SHA512
  
  046c052842f3c33b535378997f03f07f7bbcab7e127b2c8d6aa452b84f8090c9954febc71d42b97daf496745b4e6de2a4b368bf316351ea3af3b9cba6b4aa014
Score

10^/10

metastealer redline 1135890973 infostealer stealer
- Meta Stealer Stealer
  Meta Stealer steals passwords stored in browsers, written in C++.
  stealer metastealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

metastealerredline1135890973infostealerstealer

© 2018-2025

Terms | Privacy