redline | 62bc8ea3db3cff80d57cfc3b6a822bbda1b427d0a645843c7480c20e56417af4 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

62bc8ea3db3cff80d57cfc3b6a822bbda1b427d0a645843c7480c20e56417af4
Size

715KB
Sample

220613-j6k64aegej
MD5

3b6d8af290d0c23114dd6a3da8e40236
SHA1

9aedf1b20530fb81a616755debf7355e9209719a
SHA256

62bc8ea3db3cff80d57cfc3b6a822bbda1b427d0a645843c7480c20e56417af4
SHA512

29bf4601297f541704aa8925abbcf249cb78dce9e48b7d3551301178e5b7c4af97654d0ce3dd216198fcb3d8b656153ec62bdf3c2b0ae466d60f850e6478c892

Score

10^/10

redline 76 infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

62bc8ea3db3cff80d57cfc3b6a822bbda1b427d0a645843c7480c20e56417af4.exe

Resource

win10-20220414-en

redline 76 infostealer spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

76

C2

139.99.32.83:43199

Attributes

auth_value
44d461325298129ed3c705440f57962c

Targets

- Target
  
  62bc8ea3db3cff80d57cfc3b6a822bbda1b427d0a645843c7480c20e56417af4
- Size
  
  715KB
- MD5
  
  3b6d8af290d0c23114dd6a3da8e40236
- SHA1
  
  9aedf1b20530fb81a616755debf7355e9209719a
- SHA256
  
  62bc8ea3db3cff80d57cfc3b6a822bbda1b427d0a645843c7480c20e56417af4
- SHA512
  
  29bf4601297f541704aa8925abbcf249cb78dce9e48b7d3551301178e5b7c4af97654d0ce3dd216198fcb3d8b656153ec62bdf3c2b0ae466d60f850e6478c892
Score

10^/10

redline 76 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redline76infostealerspyware

© 2018-2024

Terms | Privacy