General

  • Target

    367515b33b06925bea136a0ff5d866b0f76bd4aaf41812dd2a2dd672e327bcf3

  • Size

    2.5MB

  • Sample

    221101-ky3xlsahen

  • MD5

    a882d0216879959354219ba50a8a059e

  • SHA1

    9c827025afee5bad9d3a6530b978dee02faf197b

  • SHA256

    367515b33b06925bea136a0ff5d866b0f76bd4aaf41812dd2a2dd672e327bcf3

  • SHA512

    de8c42a4e53223c601a72bdb398c3cb572bbe6d7bdfde7ccdd01fc71d3c431b3f6f2acf25cb76f2b6b8c2d16325eb1e6a864e9a8310bc2fa70d5e230d35f2e1e

  • SSDEEP

    24576:71LgXvZhuYPYo7o2GmGM8hdLQFuB/vb5rHpkpbjLhVILZhbTl3RuQ55313u:716vZMs45rCbjLhVIXl3Y

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1

  • C2

    146.19.75.18:41599

  • Attributes

      • auth_value

        8e95e553322b592c6800a519511ce6b9

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks