Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    2.1MB

  • Sample

    220830-rm9dksbff6

  • MD5

    9446abe977ec57f6867473cbc7957742

  • SHA1

    fa48618ff1c48bde09aef7fabec4570e8ea04436

  • SHA256

    7303632a095187beee69774d18aa47d42e49eaa09c63734f1110942ee0c87a14

  • SHA512

    18f3cf9e0df7ca26d93a92a80a452b83d1f5fded788fe57e1b246ae6cc280cf9a3204f03cdd5f6ac54530102fbeec9cebeba18de4139304e2922d6fd59dbd409

  • SSDEEP

    24576:WetIOFYAYdzi96rM/Wo6erbgt16SDslT49pAm7lau4Cz4gEKL9IQl3RuQ55313X:WQIji+Dsls9qA0u424gEKDl3V

Score
10/10
redline@forceddd_lztinfostealerspyware

Malware Config

Extracted

Family

redline

Botnet

@forceddd_lzt

C2

5.182.36.101:31305

Attributes
  • auth_value

    91ffc3d776bc56b5c410d1adf5648512

Targets

    • Target

      file

    • Size

      2.1MB

    • MD5

      9446abe977ec57f6867473cbc7957742

    • SHA1

      fa48618ff1c48bde09aef7fabec4570e8ea04436

    • SHA256

      7303632a095187beee69774d18aa47d42e49eaa09c63734f1110942ee0c87a14

    • SHA512

      18f3cf9e0df7ca26d93a92a80a452b83d1f5fded788fe57e1b246ae6cc280cf9a3204f03cdd5f6ac54530102fbeec9cebeba18de4139304e2922d6fd59dbd409

    • SSDEEP

      24576:WetIOFYAYdzi96rM/Wo6erbgt16SDslT49pAm7lau4Cz4gEKL9IQl3RuQ55313X:WQIji+Dsls9qA0u424gEKDl3V

    Score
    10/10
    redline@forceddd_lztinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks