General

  • Target

    malware_smoke_2750898361

  • Size

    557KB

  • Sample

    221004-dppkasada8

  • MD5

    0b78ea25d14172536c70bd8ac554782c

  • SHA1

    4d3b3c59bc87823b8bae6d2086c41465eaacb053

  • SHA256

    064eb727936e2e156d971a3142a3982a38baa5b472d642eace029343a9c299c6

  • SHA512

    f63b29b8bf5e655dfaf404892c2c8369ace576baaadef482f8b65da6ae62a463b243029a3cc85f7e699f3df60761d2df8cf7a04bebc47de5e5c401ea17ee43c2

  • SSDEEP

    12288:7g0kqym9MZdAUn0hDS2+iVQS03ULaHNqrxlKIQNo0TC+K5DyoxjFru/:k0kqmPARS2vVkEaHNYK30+K5Dyox5w

Malware Config

Extracted

Family

redline

Botnet

5076357887

C2

37.1.213.9:17292

Attributes

  • auth_value

    b1022b77a8ea3300a254df573b6fd16e

Targets

    • Target

      malware_smoke_2750898361

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks