redline | bc7da2ff8fd88b93c62d6318a26c17a9bbc14ee658d2064140f4ccdc869764f0 | Triage

Sharing

General

Target

bc7da2ff8fd88b93c62d6318a26c17a9bbc14ee658d2064140f4ccdc869764f0
Size

217KB
Sample

220914-mr4xfadffm
MD5

a078e93cc24db2b52b41dde722aaa333
SHA1

8bc2f863ebdc8334b8cf240fd21a254c754498b6
SHA256

bc7da2ff8fd88b93c62d6318a26c17a9bbc14ee658d2064140f4ccdc869764f0
SHA512

3156512dfe0316d251b19e0d9c643c8377f5ed2c1397ce202665c70e5875b400a2952623d7af0fbda5c4e0de0f9ff9e4a1c9f27f63e5e8524fe45a7bce19c97c
SSDEEP

3072:F9Pz9yUZZ91RI9zIpA4sSBmxShqyXAI5BjzQS8iqI6FFLpRntY8Q233inOHc/i:F9z4w3RIpYxjMP2BjzQS8ij6FjRy8Qp

Score

10^/10

redline lyla.11.09 infostealer

Malware Config

Extracted

Family

redline

Botnet

Lyla.11.09

C2

185.215.113.216:21921

Attributes

auth_value
a1e5192e588aa983d678ceb4d6e0d8b5

Targets

- Target
  
  bc7da2ff8fd88b93c62d6318a26c17a9bbc14ee658d2064140f4ccdc869764f0
- Size
  
  217KB
- MD5
  
  a078e93cc24db2b52b41dde722aaa333
- SHA1
  
  8bc2f863ebdc8334b8cf240fd21a254c754498b6
- SHA256
  
  bc7da2ff8fd88b93c62d6318a26c17a9bbc14ee658d2064140f4ccdc869764f0
- SHA512
  
  3156512dfe0316d251b19e0d9c643c8377f5ed2c1397ce202665c70e5875b400a2952623d7af0fbda5c4e0de0f9ff9e4a1c9f27f63e5e8524fe45a7bce19c97c
- SSDEEP
  
  3072:F9Pz9yUZZ91RI9zIpA4sSBmxShqyXAI5BjzQS8iqI6FFLpRntY8Q233inOHc/i:F9z4w3RIpYxjMP2BjzQS8ij6FjRy8Qp
Score

10^/10

redline lyla.11.09 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinelyla.11.09infostealer