redline | 95288a9d74ee585a4a494160e1e7633927f21920fe72d6a1ca21176169cd024c | Triage

Submit
Reports

Overview

overview

Static

static

malware_sm...85.exe

windows7-x64

malware_sm...85.exe

windows10-2004-x64

Sharing

General

Target

malware_smoke_4042582185
Size

558KB
Sample

221004-dadjgshfbr
MD5

45a149693fbb187cf7318f6602ad2a15
SHA1

e32d75988539207cacbcffa95f0e9fafe4f9b163
SHA256

95288a9d74ee585a4a494160e1e7633927f21920fe72d6a1ca21176169cd024c
SHA512

8baf5d1288bec5880c58537b5bf86c4b84d229eb15da18771e5e4c37c79d82183c8e828cbfe3e0b80fa966fadb927d96ca4ae30c903374979cb84316b57cea52
SSDEEP

12288:hRDwFv/wbs6yX3fSfZGxFQS03ULaHNqrxlKIQNo6mV930L5EhqtK:PU1/uNa3fSmFkEaHNYK3s9w2hKK

Score

10^/10

redline 5076357887 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

malware_smoke_4042582185.exe

Resource

win7-20220812-en

redline 5076357887 infostealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

malware_smoke_4042582185.exe

Resource

win10v2004-20220901-en

redline 5076357887 infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

5076357887

C2

37.1.213.9:17292

Attributes

auth_value
b1022b77a8ea3300a254df573b6fd16e

Targets

- Target
  
  malware_smoke_4042582185
- Size
  
  558KB
- MD5
  
  45a149693fbb187cf7318f6602ad2a15
- SHA1
  
  e32d75988539207cacbcffa95f0e9fafe4f9b163
- SHA256
  
  95288a9d74ee585a4a494160e1e7633927f21920fe72d6a1ca21176169cd024c
- SHA512
  
  8baf5d1288bec5880c58537b5bf86c4b84d229eb15da18771e5e4c37c79d82183c8e828cbfe3e0b80fa966fadb927d96ca4ae30c903374979cb84316b57cea52
- SSDEEP
  
  12288:hRDwFv/wbs6yX3fSfZGxFQS03ULaHNqrxlKIQNo6mV930L5EhqtK:PU1/uNa3fSmFkEaHNYK3s9w2hKK
Score

10^/10

redline 5076357887 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline5076357887infostealer

behavioral2

redline5076357887infostealer

© 2018-2024

Terms | Privacy