General

  • Target

    file.exe

  • Size

    1.2MB

  • Sample

    220917-kaqblshdh6

  • MD5

    93ab2044bff76bfb85c5190c00cf9386

  • SHA1

    4db1c9b6447ad2ba9c25cbcc5361f511e3c8f627

  • SHA256

    c4267a56a609934c61f0989334ee8b894710ddde69cb3fef9ed273a4e3b55f80

  • SHA512

    6b7ff5b61c5f0898943ce9b68566d16786b3fc3ac17c7e0ff02fcd1eff3a5ffaf8876fb683e1d556c82dde3d4c533dfd25d5de22057b52e4c215dd45ef6354e0

  • SSDEEP

    12288:xJ8eIVx4YkY+c+JT4PqB0/YM1vflv8V19eea2WpZJ6ZVZqZqQYQ4L288NeBXmD3V:x7ix4YkYYJMPqlM1nlCreeLr1DaikV

Malware Config

Extracted

  • Family

    redline

  • Botnet

    RRMoney78

  • C2

    81.161.229.243:28479

  • Attributes

    • auth_value

      bb1b94a59876c91b4398a5eaf3603ca7

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
