redline | 50cf840ea1c68345adb398c5c3f33fcbadd750a095b5687d7a5735aab7088824 | Triage

Sharing

General

Target

21c63293a13296dc293a0e5a775b0146.exe
Size

97KB
Sample

221003-k5la5sfhc9
MD5

21c63293a13296dc293a0e5a775b0146
SHA1

e9f7665b02c8e44f3b80ed4fd28816201cda89da
SHA256

50cf840ea1c68345adb398c5c3f33fcbadd750a095b5687d7a5735aab7088824
SHA512

393263f08d45c5fe676ffe1b5d7958d7211349ba63835ca33fb878e2c5ba149c86b9aeee32f8e8b5ec07a008f2e3be41467ec4fc42237b5a6427b3cb2c6cacea
SSDEEP

1536:yj1yw39pOq7JkjAYOrOyitVC7uMqBcQjloJQYr4hUndpAz+WTxXv/K:yj1yk0AYQOyiRwOIihUndpFWV/S

Score

10^/10

redline ngondungvao infostealer

Malware Config

Extracted

Family

redline

Botnet

NGONDUNGVAO

C2

103.74.103.52:24343

Attributes

auth_value
c26fcf86ed5f26d2fadc52a8f9ea2e4c

Targets

- Target
  
  21c63293a13296dc293a0e5a775b0146.exe
- Size
  
  97KB
- MD5
  
  21c63293a13296dc293a0e5a775b0146
- SHA1
  
  e9f7665b02c8e44f3b80ed4fd28816201cda89da
- SHA256
  
  50cf840ea1c68345adb398c5c3f33fcbadd750a095b5687d7a5735aab7088824
- SHA512
  
  393263f08d45c5fe676ffe1b5d7958d7211349ba63835ca33fb878e2c5ba149c86b9aeee32f8e8b5ec07a008f2e3be41467ec4fc42237b5a6427b3cb2c6cacea
- SSDEEP
  
  1536:yj1yw39pOq7JkjAYOrOyitVC7uMqBcQjloJQYr4hUndpAz+WTxXv/K:yj1yk0AYQOyiRwOIihUndpFWV/S
Score

10^/10

redline ngondungvao infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ngondungvaoredline

behavioral1

redlinengondungvaoinfostealer

behavioral2

redlinengondungvaoinfostealer