Overview

overview

10

Static

static

20EAEB9685...EE.exe

windows7-x64

10

20EAEB9685...EE.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20EAEB96851593A58CC6FA71EC9181930C8E63BE953EE.exe

  • Size

    1.5MB

  • Sample

    220730-t1cymscef3

  • MD5

    0a5188d50679c8e22ba691d632bd8513

  • SHA1

    a099ce72bbc710a3ed4762f92c82a6c2cd1d4018

  • SHA256

    20eaeb96851593a58cc6fa71ec9181930c8e63be953ee681170b9b6a9dc22500

  • SHA512

    0d0af401abca4acd0ed8a2e6e8b5e1e1eb4a632fc558cd4f6b448656f41b5822a42bc94b8b19daff73d2ad5535d0322abc49c17975c9808854bc4c2f56f6a0dd

Score
10/10
redline6allsuppinfostealer

Malware Config

Extracted

Family

redline

Botnet

6allsupp

C2

jbeaef.ml:80

Targets

    • Target

      20EAEB96851593A58CC6FA71EC9181930C8E63BE953EE.exe

    • Size

      1.5MB

    • MD5

      0a5188d50679c8e22ba691d632bd8513

    • SHA1

      a099ce72bbc710a3ed4762f92c82a6c2cd1d4018

    • SHA256

      20eaeb96851593a58cc6fa71ec9181930c8e63be953ee681170b9b6a9dc22500

    • SHA512

      0d0af401abca4acd0ed8a2e6e8b5e1e1eb4a632fc558cd4f6b448656f41b5822a42bc94b8b19daff73d2ad5535d0322abc49c17975c9808854bc4c2f56f6a0dd

    Score
    10/10
    redline6allsuppinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks