redline | ccfa893b87413c20fa9f3f3b0cc7c7105a7bc77d719bbddd88ebf69e5889bf8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccfa893b87413c20fa9f3f3b0cc7c7105a7bc77d719bbddd88ebf69e5889bf8e
Size

2.6MB
Sample

220924-174hhadecl
MD5

4858aae32ed575219459121c9f6a7239
SHA1

327c34937d995c539509b6c6adacd9e1417be11b
SHA256

ccfa893b87413c20fa9f3f3b0cc7c7105a7bc77d719bbddd88ebf69e5889bf8e
SHA512

1593c45cc714a817801bfe438033b268ff5dce6a4505e6c9a45e9c6ca328b09098e42be53e7273b9d6ff2ab5124e8a63f891f8ee692aa5a27b134feabf58b92a
SSDEEP

24576:MV2/rA4uC4E9iOfG9oYlYbYMQ3umM2idKNj9hfXQXrnkSdey7OLDvqG+l3RuQ55A:z/E4uLnOfGBtnDSdey7Oa9l3c

Score

10^/10

redline 9 infostealer

Malware Config

Extracted

Family

redline

Botnet

9

C2

94.131.106.63:30947

Attributes

auth_value
2dda76b09bede43f0e8050c835bd27cc

Targets

- Target
  
  ccfa893b87413c20fa9f3f3b0cc7c7105a7bc77d719bbddd88ebf69e5889bf8e
- Size
  
  2.6MB
- MD5
  
  4858aae32ed575219459121c9f6a7239
- SHA1
  
  327c34937d995c539509b6c6adacd9e1417be11b
- SHA256
  
  ccfa893b87413c20fa9f3f3b0cc7c7105a7bc77d719bbddd88ebf69e5889bf8e
- SHA512
  
  1593c45cc714a817801bfe438033b268ff5dce6a4505e6c9a45e9c6ca328b09098e42be53e7273b9d6ff2ab5124e8a63f891f8ee692aa5a27b134feabf58b92a
- SSDEEP
  
  24576:MV2/rA4uC4E9iOfG9oYlYbYMQ3umM2idKNj9hfXQXrnkSdey7OLDvqG+l3RuQ55A:z/E4uLnOfGBtnDSdey7Oa9l3c
Score

10^/10

redline 9 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline9infostealer

behavioral2

redline9infostealer