Overview

overview

10

Static

static

118e8f3dd7...b5.exe

windows7_x64

10

118e8f3dd7...b5.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5

  • Size

    3.6MB

  • Sample

    220604-c7hc9safbj

  • MD5

    34a6cfdf1745cec12dfbbf98c3b9f9e5

  • SHA1

    11727439dc908ac568b280e9ce83a0abe013df20

  • SHA256

    118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5

  • SHA512

    5e021c59b6aba8029ba22fffcd947502b1901759501338f5b806b35928fd29b5d780121ed923cd209eb8ad4b950d11a134566b9c647d3c6f8a25e95b84138437

Score
10/10
redlinetest1infostealer

Malware Config

Extracted

Family

redline

Botnet

test1

C2

disandillanne.xyz:80

Attributes
  • auth_value

    49b58bceac3797b6c21fd0772031e010

Targets

    • Target

      118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5

    • Size

      3.6MB

    • MD5

      34a6cfdf1745cec12dfbbf98c3b9f9e5

    • SHA1

      11727439dc908ac568b280e9ce83a0abe013df20

    • SHA256

      118e8f3dd722b00bde8571f3b84cb278c21517e2c97e2795783b55263f44f1b5

    • SHA512

      5e021c59b6aba8029ba22fffcd947502b1901759501338f5b806b35928fd29b5d780121ed923cd209eb8ad4b950d11a134566b9c647d3c6f8a25e95b84138437

    Score
    10/10
    redlinetest1infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks