Overview

overview

10

Static

static

36940f0988...e5.exe

windows7-x64

10

36940f0988...e5.exe

windows10-2004-x64

10

Resubmissions

17/10/2022, 16:03

221017-thsw5scedp 10

16/10/2022, 03:51

221016-eegx5sggf5 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    36940f0988f192cdfe23956b2215eee5.exe

  • Size

    2.6MB

  • Sample

    221016-eegx5sggf5

  • MD5

    36940f0988f192cdfe23956b2215eee5

  • SHA1

    f8fb9474fd351e4f96bd39bd3532d756c3d05fbc

  • SHA256

    824790997e40228c635b02fa75148e6e53b28ce5062509614bcad4570f6a455f

  • SHA512

    edf660c6129c14c9d984a4c2843b0b718d8606bb358a9654a3149bf4794d458d8b4fd6b75b253f643206eaafd57e27f40642d98cccf186dcb720a07420dee0f0

  • SSDEEP

    24576:+AMJwgkZBg1CYdL+LPobQUuYlY8LOqMI6MK7a2SdGgtMCJNWA9I+doUYHcLaqBlz:BMBHdCrobQ06cp1I+doUYHc2Cl3j

Score
10/10
redlineinfostealerspyware

Malware Config

Extracted

Family

redline

C2

213.109.192.27:80

Attributes
  • auth_value

    836eed51f9806d4943a961d39dba284f

Targets

    • Target

      36940f0988f192cdfe23956b2215eee5.exe

    • Size

      2.6MB

    • MD5

      36940f0988f192cdfe23956b2215eee5

    • SHA1

      f8fb9474fd351e4f96bd39bd3532d756c3d05fbc

    • SHA256

      824790997e40228c635b02fa75148e6e53b28ce5062509614bcad4570f6a455f

    • SHA512

      edf660c6129c14c9d984a4c2843b0b718d8606bb358a9654a3149bf4794d458d8b4fd6b75b253f643206eaafd57e27f40642d98cccf186dcb720a07420dee0f0

    • SSDEEP

      24576:+AMJwgkZBg1CYdL+LPobQUuYlY8LOqMI6MK7a2SdGgtMCJNWA9I+doUYHcLaqBlz:BMBHdCrobQ06cp1I+doUYHc2Cl3j

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks