redline | e602e5bd357eeadbc88332bf07d9809672de342869822b38e4025c1246c62308 | Triage

Submit
Reports

Overview

overview

Static

static

35c49be50e...f5.exe

windows7-x64

35c49be50e...f5.exe

windows10-2004-x64

Sharing

General

Target

35c49be50ee812f67d0dfec60a4a33f5.exe
Size

2.5MB
Sample

220725-pawkvahgc9
MD5

35c49be50ee812f67d0dfec60a4a33f5
SHA1

d35d414efae9769034d85e38bad1ef83807e4f9d
SHA256

e602e5bd357eeadbc88332bf07d9809672de342869822b38e4025c1246c62308
SHA512

b3f36084ca40ae6c28768aba0928c99bb3322c09ccc70d2c023230769c5b31810a5061b41f4339bf51079e250d34e86188ea0d93d6328da65775558630cb3e7b

Score

10^/10

redline 30 infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

35c49be50ee812f67d0dfec60a4a33f5.exe

Resource

win7-20220715-en

redline 30 infostealer spyware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

35c49be50ee812f67d0dfec60a4a33f5.exe

Resource

win10v2004-20220722-en

redline 30 infostealer spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

30

C2

46.18.107.151:28631

Attributes

auth_value
d51779b1aa0d36e9f23fbe5d548aa322

Targets

- Target
  
  35c49be50ee812f67d0dfec60a4a33f5.exe
- Size
  
  2.5MB
- MD5
  
  35c49be50ee812f67d0dfec60a4a33f5
- SHA1
  
  d35d414efae9769034d85e38bad1ef83807e4f9d
- SHA256
  
  e602e5bd357eeadbc88332bf07d9809672de342869822b38e4025c1246c62308
- SHA512
  
  b3f36084ca40ae6c28768aba0928c99bb3322c09ccc70d2c023230769c5b31810a5061b41f4339bf51079e250d34e86188ea0d93d6328da65775558630cb3e7b
Score

10^/10

redline 30 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redline30infostealerspyware

behavioral2

redline30infostealerspyware

© 2018-2024

Terms | Privacy