redline | c0fcd6757cbc94f187232698fd25442eaa9b22544295428524df2b63644449db | Triage

Sharing

General

Target

InvoicePO45928.zip
Size

180KB
Sample

221017-sn1y9scddn
MD5

ca144f86e4751e766bd216b72fc9cfb8
SHA1

67b01d45377f91c906f917516e25519449d07cc0
SHA256

c0fcd6757cbc94f187232698fd25442eaa9b22544295428524df2b63644449db
SHA512

36750a58f62b6a34ed98f6cffc6fb6395f076d61836e1239e7488a05c95c5c6cbba87828386b27e7807e315c0ad0bfbd04b7bee91fe00f566d6af922ce34ac00
SSDEEP

3072:7Sx62Qq8p4VlyR69/Ug+qCjtVs/PhWDrYw4WiRIdKeSSwmi/X35DL:7Sw3qrVkR69MDq8tV8wDD7iRIdWSHivx

Score

10^/10

redline 17.9 infostealer

Malware Config

Extracted

Family

redline

Botnet

17.9

C2

103.190.107.205:13122

Attributes

auth_value
8a5675c294df4427003eee21cdbd57ed

Targets

- Target
  
  InvoicePO45928.exe
- Size
  
  188KB
- MD5
  
  2f1588f52e75574ccdced95969b8f275
- SHA1
  
  d062bbdfb6a9f703281a6c5d6ccd762488f36de3
- SHA256
  
  89bb41d2fa9e316993c88cab5a820c6400033a1d217b81af1909c37d23cb8a39
- SHA512
  
  08c51c70a85ff8145ba71b4228c17b2bbfffbf37ecd9671e556f37ec7b89228064d744f84d1c36b1119e7c257318efbc9b95b8e4ae922076b103c77dc2cbcdca
- SSDEEP
  
  3072:jduZfyR69/Qg6qCjtVs/ThWDJWw4WWIdKeOSwmi/QJAdP:R0aR694Bq8tV8UDH7WId6SHiIu
Score

10^/10

redline 17.9 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline17.9infostealer

behavioral2