Resubmissions
10-01-2023 20:41
230110-zgh87she82 1009-01-2023 13:23
230109-qmzcyahg5z 830-12-2022 04:52
221230-fhnqjafa36 729-12-2022 23:57
221229-3z3x4shg5y 829-12-2022 09:56
221229-lyp67afh7x 429-12-2022 09:28
221229-lfpspsfh5s 1029-12-2022 04:18
221229-exfssscc88 129-12-2022 04:12
221229-esw9zsfd3z 818-12-2022 12:11
221218-pcmqqabh42 804-12-2022 12:48
221204-p157zaec6t 10General
-
Target
https://google.com
-
Sample
221204-p157zaec6t
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://google.com
Resource
win10v2004-20220812-en
windows10-2004-x64
19 signatures
1800 seconds
Malware Config
Extracted
Family
redline
Botnet
MILLIONDOLLARSSSSSSSSS
C2
195.201.122.190:45976
Attributes
-
auth_value
971e3b56584ce491575444038fafa07c
Targets
-
-
Target
https://google.com
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-