Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    183KB

  • Sample

    221024-w4ww2aaae8

  • MD5

    1ddbcb2ec41aab8a0ed64c9a266ac3a2

  • SHA1

    a12e7820ab07cedf5b4a95ea450f22b203cc886b

  • SHA256

    1365dcd0d8f9e75605089f59e5add9f0d1b9aa799de2dbc77ce2248f274faaad

  • SHA512

    900efae0b40532ddcfc735bcdb36ea22f3edcab346ccf49e224d8408f69d896a1853a7a737091a308fb2d88fd00d1991888483ab2bafd20c3d76edf8fff40159

  • SSDEEP

    3072:EyGCke+S6a1Eabgi8u39Es9nu3d1hd+rTf0av72B2hq4x:1AS6a1os90dR+Ziw3

Score
10/10
redline22.10infostealerspyware

Malware Config

Extracted

Family

redline

Botnet

22.10

C2

176.124.201.205:37411

Attributes
  • auth_value

    92585e61e33956141389c28abf76dfd8

Targets

    • Target

      file.exe

    • Size

      183KB

    • MD5

      1ddbcb2ec41aab8a0ed64c9a266ac3a2

    • SHA1

      a12e7820ab07cedf5b4a95ea450f22b203cc886b

    • SHA256

      1365dcd0d8f9e75605089f59e5add9f0d1b9aa799de2dbc77ce2248f274faaad

    • SHA512

      900efae0b40532ddcfc735bcdb36ea22f3edcab346ccf49e224d8408f69d896a1853a7a737091a308fb2d88fd00d1991888483ab2bafd20c3d76edf8fff40159

    • SSDEEP

      3072:EyGCke+S6a1Eabgi8u39Es9nu3d1hd+rTf0av72B2hq4x:1AS6a1os90dR+Ziw3

    Score
    10/10
    redline22.10infostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Uses the VBS compiler for execution

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

1
T1064

Persistence

Privilege Escalation

Defense Evasion

Scripting

1
T1064

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks