redline | a8d125e363c517ed0f9dc1ad4b8e76985ca396d0feda89b40a7142d6086a17f7 | Triage

Sharing

General

Target

a8d125e363c517ed0f9dc1ad4b8e76985ca396d0feda89b40a7142d6086a17f7
Size

658KB
Sample

220807-gjbysshef5
MD5

f08b26441446f621c046abdbc3f5b456
SHA1

0170db2cddd19df860223fe4bc140bd01c285853
SHA256

a8d125e363c517ed0f9dc1ad4b8e76985ca396d0feda89b40a7142d6086a17f7
SHA512

2009a8c7d058d98e047439722cd8d0e6485087e314b23aad31f3e1308f6319e9e718f0b4db86976f2f1274ac412b051056e9e05a2f9c27166e7ad91591f65426

Score

10^/10

redline top1 infostealer

Malware Config

Extracted

Family

redline

Botnet

top1

C2

pemararslava.xyz:80

Attributes

auth_value
e3ff30d1ffe0ffdb11211b351a0179a1

Targets

- Target
  
  a8d125e363c517ed0f9dc1ad4b8e76985ca396d0feda89b40a7142d6086a17f7
- Size
  
  658KB
- MD5
  
  f08b26441446f621c046abdbc3f5b456
- SHA1
  
  0170db2cddd19df860223fe4bc140bd01c285853
- SHA256
  
  a8d125e363c517ed0f9dc1ad4b8e76985ca396d0feda89b40a7142d6086a17f7
- SHA512
  
  2009a8c7d058d98e047439722cd8d0e6485087e314b23aad31f3e1308f6319e9e718f0b4db86976f2f1274ac412b051056e9e05a2f9c27166e7ad91591f65426
Score

10^/10

redline top1 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinetop1infostealer