redline | c6ebefab2e87ee95b7bd9946bd7bf35ef367e0a8e6dcbc3722b7f7984a5ec272 | Triage

Submit
Reports

Overview

overview

Static

static

c1c1278e20...f3.exe

windows7_x64

1

c1c1278e20...f3.exe

windows10-2004_x64

Sharing

General

Target

c1c1278e20d3873a088dbe56dc1f59f3
Size

299KB
Sample

220603-cvtkrsfcb9
MD5

c1c1278e20d3873a088dbe56dc1f59f3
SHA1

b23531bf87624a717183756de5954cb059fd3df1
SHA256

c6ebefab2e87ee95b7bd9946bd7bf35ef367e0a8e6dcbc3722b7f7984a5ec272
SHA512

6756218a1618c14e040060075fcf52b15349b83fb7acddf2b304fd1fc2c023e957265d206e45cb46ce1082002fa9fef6ed5ba2460bfa50278e7598fe19f071c0

Score

10^/10

redline 1 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

c1c1278e20d3873a088dbe56dc1f59f3.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c1c1278e20d3873a088dbe56dc1f59f3.exe

Resource

win10v2004-20220414-en

redline 1 infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

1

C2

65.108.5.252:43673

Attributes

auth_value
95517c2a2f56575288c35d9dfde4a6aa

Targets

- Target
  
  c1c1278e20d3873a088dbe56dc1f59f3
- Size
  
  299KB
- MD5
  
  c1c1278e20d3873a088dbe56dc1f59f3
- SHA1
  
  b23531bf87624a717183756de5954cb059fd3df1
- SHA256
  
  c6ebefab2e87ee95b7bd9946bd7bf35ef367e0a8e6dcbc3722b7f7984a5ec272
- SHA512
  
  6756218a1618c14e040060075fcf52b15349b83fb7acddf2b304fd1fc2c023e957265d206e45cb46ce1082002fa9fef6ed5ba2460bfa50278e7598fe19f071c0
Score

10^/10

redline 1 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

redline1infostealer

© 2018-2024

Terms | Privacy