redline | 41ac2e00320886bafdc3d69895ed7e993cacf2ec032a2024d4164f6669c588c8 | Triage

Submit
Reports

Overview

overview

Static

static

5056-160-0...ry.exe

windows7_x64

5056-160-0...ry.exe

windows10-2004_x64

Sharing

General

Target

5056-160-0x0000000004A60000-0x0000000004A94000-memory.dmp
Size

208KB
Sample

220507-shpztafear
MD5

9ec1620d8067dddf3ace1a67ecd11f73
SHA1

4f0bd167f69cfd40feb91532121b690a5a51df56
SHA256

41ac2e00320886bafdc3d69895ed7e993cacf2ec032a2024d4164f6669c588c8
SHA512

76716213eb6ac0f65be1229f95197fda5383164d7df75ca7d08ff6d0fc1c6865f8a2746891101a8a5c5bef2790899f12e9cdbfdcb05a1cdc74dea7a9b6d5b165

Score

10^/10

redline 2 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

5056-160-0x0000000004A60000-0x0000000004A94000-memory.exe

Resource

win7-20220414-en

redline 2 infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5056-160-0x0000000004A60000-0x0000000004A94000-memory.exe

Resource

win10v2004-20220414-en

redline 2 infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

2

C2

91.241.19.193:11630

Attributes

auth_value
8f1381a27a56c64f6bc5ea1d4744ee1a

Targets

- Target
  
  5056-160-0x0000000004A60000-0x0000000004A94000-memory.dmp
- Size
  
  208KB
- MD5
  
  9ec1620d8067dddf3ace1a67ecd11f73
- SHA1
  
  4f0bd167f69cfd40feb91532121b690a5a51df56
- SHA256
  
  41ac2e00320886bafdc3d69895ed7e993cacf2ec032a2024d4164f6669c588c8
- SHA512
  
  76716213eb6ac0f65be1229f95197fda5383164d7df75ca7d08ff6d0fc1c6865f8a2746891101a8a5c5bef2790899f12e9cdbfdcb05a1cdc74dea7a9b6d5b165
Score

10^/10

redline 2 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline2infostealer

behavioral2

redline2infostealer

© 2018-2024

Terms | Privacy