redline | af7ce0200fe43b53a6302e15669a997809a53334564aa01531f44579025727dd | Triage

Submit
Reports

Overview

overview

Static

static

183d70c9ee...1f.exe

windows7-x64

183d70c9ee...1f.exe

windows10-2004-x64

Sharing

General

Target

183d70c9ee43317367a8790e10f1511f.exe
Size

1.4MB
Sample

220805-n9qm7sabdl
MD5

183d70c9ee43317367a8790e10f1511f
SHA1

c851ef510d3d60e2193184ecfecb9ea88f5d26d5
SHA256

af7ce0200fe43b53a6302e15669a997809a53334564aa01531f44579025727dd
SHA512

0d939d44cbf6200bfdc285160bf45431174d3b637ba6d685db3ba85562f439423373a57f7a00bda6e25ee47c5ea60bdfec999fd5f55796edf5f6d0a550c2a08f

Score

10^/10

redline h infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

183d70c9ee43317367a8790e10f1511f.exe

Resource

win7-20220718-en

redline h infostealer spyware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

183d70c9ee43317367a8790e10f1511f.exe

Resource

win10v2004-20220722-en

redline h infostealer spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

h

C2

185.108.223.124:41034

Attributes

auth_value
7c40f30b767fb5b93131b0053ccd7070

Targets

- Target
  
  183d70c9ee43317367a8790e10f1511f.exe
- Size
  
  1.4MB
- MD5
  
  183d70c9ee43317367a8790e10f1511f
- SHA1
  
  c851ef510d3d60e2193184ecfecb9ea88f5d26d5
- SHA256
  
  af7ce0200fe43b53a6302e15669a997809a53334564aa01531f44579025727dd
- SHA512
  
  0d939d44cbf6200bfdc285160bf45431174d3b637ba6d685db3ba85562f439423373a57f7a00bda6e25ee47c5ea60bdfec999fd5f55796edf5f6d0a550c2a08f
Score

10^/10

redline h infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinehinfostealerspyware

behavioral2

redlinehinfostealerspyware

© 2018-2024

Terms | Privacy