redline | cea3b7236a0f326911d28434fcd60126787ce0b58ddf861d02948dddcc63a8e6 | Triage

Sharing

General

Target

cea3b7236a0f326911d28434fcd60126787ce0b58ddf861d02948dddcc63a8e6
Size

2.4MB
Sample

221101-nejw6sbcg5
MD5

f92a9f593bf2ac37eaa9c14e3194e777
SHA1

e0942e19d2f75e0ac94385c96c2fdf6320194117
SHA256

cea3b7236a0f326911d28434fcd60126787ce0b58ddf861d02948dddcc63a8e6
SHA512

f59acec3a1d0c68123e4a1775e4a65e86ac68f39ad4e7c8b49416ebcf38d77bd3067f384ecb1c7ee3d0c72916ba89e7bc3b6aac39d6b107746ea55c59f275f33
SSDEEP

24576:9WyFgjzmbJY/Yj8obxjNMr0ql0ViW4Tyuoe5piaBOLOdEl3RuQ553133:6m7t2n5piaBO1l3N

Score

10^/10

redline infostealer

Malware Config

Extracted

Family

redline

C2

45.147.199.166:14009

Attributes

auth_value
2e49bd9662dc643c2cc88111df616d1c

Targets

- Target
  
  cea3b7236a0f326911d28434fcd60126787ce0b58ddf861d02948dddcc63a8e6
- Size
  
  2.4MB
- MD5
  
  f92a9f593bf2ac37eaa9c14e3194e777
- SHA1
  
  e0942e19d2f75e0ac94385c96c2fdf6320194117
- SHA256
  
  cea3b7236a0f326911d28434fcd60126787ce0b58ddf861d02948dddcc63a8e6
- SHA512
  
  f59acec3a1d0c68123e4a1775e4a65e86ac68f39ad4e7c8b49416ebcf38d77bd3067f384ecb1c7ee3d0c72916ba89e7bc3b6aac39d6b107746ea55c59f275f33
- SSDEEP
  
  24576:9WyFgjzmbJY/Yj8obxjNMr0ql0ViW4Tyuoe5piaBOLOdEl3RuQ553133:6m7t2n5piaBO1l3N
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer