redline | 9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28 | Triage

Sharing

General

Target

9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
Size

2.6MB
Sample

220926-w8nq8acgfp
MD5

529174498fbbf1c72fb39af656d5f98f
SHA1

439edbff12742da9e15da5ab4a2710f97f947a50
SHA256

9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
SHA512

ad760ef8d26f645736a05d076baf98731ce99f3d8dd13f7828a09ade228c3da0ddefe50c7a8e9bc5b53488986c86aa708cbc1717e8ad1636e59b3f0f91141abe
SSDEEP

24576:RDGV9zhuL8MbAZYfYV9YJuW3MFfdEklRHXO3GNdmNxNUk6ALQvyWu7l3RuQ5531e:YLhuL1bzExYxNUk6A8DEl3k

Score

10^/10

redline install1part infostealer

Malware Config

Extracted

Family

redline

Botnet

install1part

C2

185.224.133.182:16382

Attributes

auth_value
01759eb8d6120155c19b779c527fb1e2

Targets

- Target
  
  9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
- Size
  
  2.6MB
- MD5
  
  529174498fbbf1c72fb39af656d5f98f
- SHA1
  
  439edbff12742da9e15da5ab4a2710f97f947a50
- SHA256
  
  9e4bb9e9b4a0bd622deb940906c082b65d299d3c768b4957c1a89a8f60572f28
- SHA512
  
  ad760ef8d26f645736a05d076baf98731ce99f3d8dd13f7828a09ade228c3da0ddefe50c7a8e9bc5b53488986c86aa708cbc1717e8ad1636e59b3f0f91141abe
- SSDEEP
  
  24576:RDGV9zhuL8MbAZYfYV9YJuW3MFfdEklRHXO3GNdmNxNUk6ALQvyWu7l3RuQ5531e:YLhuL1bzExYxNUk6A8DEl3k
Score

10^/10

redline install1part infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinstall1partinfostealer