redline | 6f2ce8e8650d5523a7bcd85a4bdb59f39523ee49652321a906a72445dd3b9d73 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73
Size

2.5MB
Sample

220812-bfn63aeffl
MD5

df508168f27e48f10a8329b034a635e7
SHA1

86a62a26f4eaf35bc81f15b05b059f5d83ee00d6
SHA256

6f2ce8e8650d5523a7bcd85a4bdb59f39523ee49652321a906a72445dd3b9d73
SHA512

d1b2e717b9b33463247a644cd8bb0f32dbbe38ecb4a78c55488d55062d4aa784004fa9d93b35e92ac9140b26639a2ef7e602d977c916a03d6ae111d81445cc66

Score

10^/10

redline yt infostealer

Static task

static1

Behavioral task

behavioral1

Sample

6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73.exe

Resource

win7-20220715-en

redline yt infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73.exe

Resource

win10-20220718-en

redline yt infostealer

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

yt

C2

193.124.22.7:13417

Attributes

auth_value
778bc9af4179a5317bc72a9c954a0dd2

Targets

- Target
  
  6F2CE8E8650D5523A7BCD85A4BDB59F39523EE49652321A906A72445DD3B9D73
- Size
  
  2.5MB
- MD5
  
  df508168f27e48f10a8329b034a635e7
- SHA1
  
  86a62a26f4eaf35bc81f15b05b059f5d83ee00d6
- SHA256
  
  6f2ce8e8650d5523a7bcd85a4bdb59f39523ee49652321a906a72445dd3b9d73
- SHA512
  
  d1b2e717b9b33463247a644cd8bb0f32dbbe38ecb4a78c55488d55062d4aa784004fa9d93b35e92ac9140b26639a2ef7e602d977c916a03d6ae111d81445cc66
Score

10^/10

redline yt infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineytinfostealer

behavioral2

redlineytinfostealer

© 2018-2024

Terms | Privacy