redline | 874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45
Size

2.5MB
Sample

221101-mahmwabfdm
MD5

e0be45621c059d3366108b5754221a93
SHA1

cc3d83e36b5a6cb7a6c10787e7a9a9528fdd8bf1
SHA256

874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45
SHA512

a82dcb1a89d0ab470f0071798ec89700ab07635f6a5eaf69c228d8ab6015bcc2eda56a88f6b1d6ff0a655e63cf2aa29e8429af658badc74bdd43906c724e6451
SSDEEP

24576:pJtt3ntFbZAEEvYWYfEk7FueMIBdX0eC4HgbD4spc85alUowKir/0LMnOpdjol3x:pJtt3n5AEf/gMzwKir/0Y+dcl3x

Score

10^/10

redline @mmseven_top infostealer

Static task

static1

Behavioral task

behavioral1

Sample

874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45.exe

Resource

win7-20220812-en

redline @mmseven_top infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45.exe

Resource

win10-20220901-en

redline @mmseven_top infostealer

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

@mmseven_top

C2

185.106.92.226:40788

Attributes

auth_value
545ff919a0c19c45f971018591cb206b

Targets

- Target
  
  874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45
- Size
  
  2.5MB
- MD5
  
  e0be45621c059d3366108b5754221a93
- SHA1
  
  cc3d83e36b5a6cb7a6c10787e7a9a9528fdd8bf1
- SHA256
  
  874886647f3106b589cd1c0c1fd33dc5b67f2276a359315a7a4557924db86e45
- SHA512
  
  a82dcb1a89d0ab470f0071798ec89700ab07635f6a5eaf69c228d8ab6015bcc2eda56a88f6b1d6ff0a655e63cf2aa29e8429af658badc74bdd43906c724e6451
- SSDEEP
  
  24576:pJtt3ntFbZAEEvYWYfEk7FueMIBdX0eC4HgbD4spc85alUowKir/0LMnOpdjol3x:pJtt3n5AEf/gMzwKir/0Y+dcl3x
Score

10^/10

redline @mmseven_top infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline@mmseven_topinfostealer

behavioral2

redline@mmseven_topinfostealer

© 2018-2024

Terms | Privacy