redline | 8b5f253885ec634e6c19caaca7da017f017406276bf1442980a215f0d2d49414 | Triage

Submit
Reports

Overview

overview

Static

static

93b5fa6fdf...9b.exe

windows7_x64

93b5fa6fdf...9b.exe

windows10-2004_x64

Sharing

General

Target

93b5fa6fdf4b982c8161b242da80e59b.exe
Size

1.4MB
Sample

220713-dr1ekshdcq
MD5

d51bf028b42f948631b0657346dea673
SHA1

47ced9e32dd5a4fed144c4e6c61364be296437ec
SHA256

8b5f253885ec634e6c19caaca7da017f017406276bf1442980a215f0d2d49414
SHA512

9ea2e17f368af1e87848a9e8be32f9d8fee1d3071404a569c6ca9e44290b29d314f174bda920733e86ed1ba77ef5afd153dc63da4304cf06acb4d462ac8a6a32

Score

10^/10

redline ruz infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

93b5fa6fdf4b982c8161b242da80e59b.exe

Resource

win7-20220414-en

redline ruz infostealer spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

93b5fa6fdf4b982c8161b242da80e59b.exe

Resource

win10v2004-20220414-en

redline ruz infostealer spyware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

ruz

C2

185.106.92.128:16976

Attributes

auth_value
b5178f81ea8830c13e88c402dccf09f0

Targets

- Target
  
  93b5fa6fdf4b982c8161b242da80e59b.exe
- Size
  
  1.4MB
- MD5
  
  d51bf028b42f948631b0657346dea673
- SHA1
  
  47ced9e32dd5a4fed144c4e6c61364be296437ec
- SHA256
  
  8b5f253885ec634e6c19caaca7da017f017406276bf1442980a215f0d2d49414
- SHA512
  
  9ea2e17f368af1e87848a9e8be32f9d8fee1d3071404a569c6ca9e44290b29d314f174bda920733e86ed1ba77ef5afd153dc63da4304cf06acb4d462ac8a6a32
Score

10^/10

redline ruz infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineruzinfostealerspyware

behavioral2

redlineruzinfostealerspyware

© 2018-2024

Terms | Privacy