redline | 78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
Size

745KB
Sample

220613-k8zb6sfcal
MD5

4e42432eb9f22bbb32ffb678d83d28e8
SHA1

b82054919c96ecec758471d6b2de6078561c52bb
SHA256

78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
SHA512

4a70fedcf8ddbaf5b54f16d55e4e284a8883a1a15c55a604efc1100c5d709a3a340253e2e8161fae7b24e62fdb16cb7e4c80aac0922b12ced6cd49aff98addf1

Score

10^/10

redline 76 infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913.exe

Resource

win10-20220414-en

redline 76 infostealer spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

76

C2

139.99.32.83:43199

Attributes

auth_value
44d461325298129ed3c705440f57962c

Targets

- Target
  
  78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
- Size
  
  745KB
- MD5
  
  4e42432eb9f22bbb32ffb678d83d28e8
- SHA1
  
  b82054919c96ecec758471d6b2de6078561c52bb
- SHA256
  
  78b27899e62b5910104d9c80b016736a3ae210b6be7e80daacf69b408ee9d913
- SHA512
  
  4a70fedcf8ddbaf5b54f16d55e4e284a8883a1a15c55a604efc1100c5d709a3a340253e2e8161fae7b24e62fdb16cb7e4c80aac0922b12ced6cd49aff98addf1
Score

10^/10

redline 76 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redline76infostealerspyware

© 2018-2024

Terms | Privacy