redline | 788c479dd24438feffbe33fda214468f3fbb2948d1c4c5ab24468544c7d8feed | Triage

Submit
Reports

Overview

overview

Static

static

11beeea95d...bd.exe

windows7_x64

11beeea95d...bd.exe

windows10-2004_x64

Sharing

General

Target

11beeea95d6006b6d76ba57c27bce7bd.exe
Size

1.3MB
Sample

220513-zkxwrsecem
MD5

11beeea95d6006b6d76ba57c27bce7bd
SHA1

399a216500f078ee141b045b2e1e7194f48689bc
SHA256

788c479dd24438feffbe33fda214468f3fbb2948d1c4c5ab24468544c7d8feed
SHA512

3dbe3db1963b63b24a5d620c31130193fb2b1a51fa1dc1bf5d6209027ea90b3d0d08e66a9d0c4a0eb1577e42c44a99d3a4cb7ee382ce0a29a64a509c6d445cd4

Score

10^/10

redline 1 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

11beeea95d6006b6d76ba57c27bce7bd.exe

Resource

win7-20220414-en

redline 1 infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

11beeea95d6006b6d76ba57c27bce7bd.exe

Resource

win10v2004-20220414-en

redline 1 infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

1

C2

lisongealma.xyz:80

Attributes

auth_value
5f7063331aee56b8535fe77efc265597

Targets

- Target
  
  11beeea95d6006b6d76ba57c27bce7bd.exe
- Size
  
  1.3MB
- MD5
  
  11beeea95d6006b6d76ba57c27bce7bd
- SHA1
  
  399a216500f078ee141b045b2e1e7194f48689bc
- SHA256
  
  788c479dd24438feffbe33fda214468f3fbb2948d1c4c5ab24468544c7d8feed
- SHA512
  
  3dbe3db1963b63b24a5d620c31130193fb2b1a51fa1dc1bf5d6209027ea90b3d0d08e66a9d0c4a0eb1577e42c44a99d3a4cb7ee382ce0a29a64a509c6d445cd4
Score

10^/10

redline 1 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline1infostealer

behavioral2

redline1infostealer

© 2018-2024

Terms | Privacy