General

  • Target

    36bf4d35f07c97dfc03f2e36b98d6f6428667d7880e1e9b29322f9158b30e23f

  • Size

    1.5MB

  • Sample

    230103-f2j7fsdb7s

  • MD5

    8e402000aa9f467609c330d4f8e720b2

  • SHA1

    8d251e30d0fcb59e079cff3d0b1b6392fa1b5dc1

  • SHA256

    36bf4d35f07c97dfc03f2e36b98d6f6428667d7880e1e9b29322f9158b30e23f

  • SHA512

    5ef5bdd10d6584a9164af88a0d9c5898b2d965abe7f0472968eb315100257a8acbd2e4d4be6c000d70fe411d46bfddf1b08cef02d00585112368ae6232629662

  • SSDEEP

    24576:z71YR9epbTBP8zOH55Qva+m5qs90TzBJK5C2KSIBOfcox96ic:y9epXN/sy+C0TlUhICBPc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    1310

  • C2

    79.137.192.57:48771

  • Attributes

    • auth_value

      feb5f5c29913f32658637e553762a40e

Targets

    • Target

      36bf4d35f07c97dfc03f2e36b98d6f6428667d7880e1e9b29322f9158b30e23f

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register context; malware commonly calls it to point a suspended thread at injected code, which is why the sandbox flags the call.
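The report above extracts a RedLine configuration (botnet 1310, C2 79.137.192.57:48771) and the sample's file hashes. The following is an added example, not part of the sandbox report, showing how a SOC analyst would turn those IOCs into a Suricata rule and a small matcher. The log records it scans (Zeek conn.log JSON entries and EDR file-hash records) are constructed for the example, and the rule sid is an assumed local-range value.

```python
"""Added example, not part of the sandbox report: turn the IOCs the report
extracts (file hashes and the RedLine C2 endpoint) into a Suricata rule and
a small matcher run over constructed log records."""
import json

# IOCs exactly as listed in the report above.
IOCS = {
    "family": "redline",
    "botnet": "1310",
    "c2": "79.137.192.57:48771",
    "md5": "8e402000aa9f467609c330d4f8e720b2",
    "sha1": "8d251e30d0fcb59e079cff3d0b1b6392fa1b5dc1",
    "sha256": "36bf4d35f07c97dfc03f2e36b98d6f6428667d7880e1e9b29322f9158b30e23f",
}

# Constructed Zeek conn.log records (JSON output format), invented for this example.
CONN_LOG = [
    {"ts": 1672713600.10, "id.orig_h": "10.0.0.5", "id.orig_p": 51001,
     "id.resp_h": "79.137.192.57", "id.resp_p": 48771, "proto": "tcp"},
    {"ts": 1672713601.20, "id.orig_h": "10.0.0.5", "id.orig_p": 51002,
     "id.resp_h": "79.137.192.57", "id.resp_p": 443, "proto": "tcp"},
    {"ts": 1672713602.30, "id.orig_h": "10.0.0.7", "id.orig_p": 51003,
     "id.resp_h": "203.0.113.10", "id.resp_p": 443, "proto": "tcp"},
]

# Constructed EDR file-hash records; only the first carries the report's SHA256.
FILE_LOG = [
    {"host": "ws-05", "path": "C:\\Users\\a\\Downloads\\setup.exe",
     "sha256": "36BF4D35F07C97DFC03F2E36B98D6F6428667D7880E1E9B29322F9158B30E23F"},
    {"host": "ws-07", "path": "C:\\Windows\\notepad.exe",
     "sha256": "0" * 64},
]


def parse_c2(c2):
    """Split 'host:port' into (host, int port); rsplit keeps IPv6 literals intact."""
    host, port = c2.rsplit(":", 1)
    return host, int(port)


def suricata_rule(iocs=IOCS, sid=1000001):
    """Build a Suricata rule for the C2 endpoint.
    The sid is an assumed local-range value; pick one free in your ruleset."""
    host, port = parse_c2(iocs["c2"])
    msg = "MALWARE %s C2 (botnet %s)" % (iocs["family"], iocs["botnet"])
    return ('alert tcp $HOME_NET any -> %s %d (msg:"%s"; flow:to_server; '
            'classtype:trojan-activity; sid:%d; rev:1;)' % (host, port, msg, sid))


def match_conn(records, c2=IOCS["c2"]):
    """Flag connections to the C2 host. Exact ip:port is high confidence;
    the same host on another port is worth a look but may be shared hosting."""
    host, port = parse_c2(c2)
    hits = []
    for r in records:
        if r.get("id.resp_h") != host:
            continue
        hits.append({
            "ts": r["ts"],
            "src": r["id.orig_h"],
            "dst": "%s:%d" % (host, r["id.resp_p"]),
            "confidence": "high" if r["id.resp_p"] == port else "medium",
        })
    return hits


def match_files(records, iocs=IOCS):
    """Return file records whose hash matches any of the report's hashes
    (compared case-insensitively, since tools differ in hex casing)."""
    wanted = {iocs[k] for k in ("md5", "sha1", "sha256")}
    return [r for r in records
            if any(str(r.get(k, "")).lower() in wanted for k in ("md5", "sha1", "sha256"))]


if __name__ == "__main__":
    print(suricata_rule())
    print(json.dumps(match_conn(CONN_LOG), indent=2))
    print(json.dumps(match_files(FILE_LOG), indent=2))
```

The port-agnostic "medium" match is deliberate: RedLine operators rotate ports on the same host more often than they rotate hosts, so a host-only hit is still worth triage even though it is not proof on its own.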
