redline | fde7a181f3e8c5ee185e773a614ed6653772929f9029f4b3b8443886489a58e6 | Triage

Sharing

General

Target

fde7a181f3e8c5ee185e773a614ed6653772929f9029f4b3b8443886489a58e6
Size

2.4MB
Sample

221101-n5v25abfg5
MD5

07ac5440062c5365a1a8e9eeaa893b8f
SHA1

dcfc3b6ca757e7b591af11a5ae753319c39ecc0e
SHA256

fde7a181f3e8c5ee185e773a614ed6653772929f9029f4b3b8443886489a58e6
SHA512

7bf353f54056b521b2c1b6e3b91618583b8e2a5dfa5fb17cfacea7bf36227273391dd8ff5353ac98642f8b28ba89ae9badafce850f604ebb71db252331077061
SSDEEP

24576:6eW+TYE+1YDYFdy3fSlM+ld4nYhqiCOSgW2fRQidULcNOZNKql3RuQ55313R:6/JEEdYvOtWARQidUUql3r

Score

10^/10

redline infostealer

Malware Config

Extracted

Family

redline

C2

194.26.229.212:47495

Attributes

auth_value
4ecb8f70a78c110cf5e92deaf5855f22

Targets

- Target
  
  fde7a181f3e8c5ee185e773a614ed6653772929f9029f4b3b8443886489a58e6
- Size
  
  2.4MB
- MD5
  
  07ac5440062c5365a1a8e9eeaa893b8f
- SHA1
  
  dcfc3b6ca757e7b591af11a5ae753319c39ecc0e
- SHA256
  
  fde7a181f3e8c5ee185e773a614ed6653772929f9029f4b3b8443886489a58e6
- SHA512
  
  7bf353f54056b521b2c1b6e3b91618583b8e2a5dfa5fb17cfacea7bf36227273391dd8ff5353ac98642f8b28ba89ae9badafce850f604ebb71db252331077061
- SSDEEP
  
  24576:6eW+TYE+1YDYFdy3fSlM+ld4nYhqiCOSgW2fRQidULcNOZNKql3RuQ55313R:6/JEEdYvOtWARQidUUql3r
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer