redline | bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098 | Triage

Sharing

General

Target

bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098
Size

3.7MB
Sample

230123-rdahwsfb21
MD5

a45e6fa02ca2dbeeb23d6fff96436a97
SHA1

61ffee4cb8d28ca05b20076a5ba92aff99449ba7
SHA256

bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098
SHA512

aface0a7bd84fb503358087b27d891b6bac48f7d56c4e94dbd4cd4ad350ac3891e0180fb2a4cf76a516d753c9e5c12daea3b038c517cbf8268b7887a003f0707
SSDEEP

98304:sBuzuXKMr2WYU68OdYIebQ4kUny6yuuhk6R1J3bj+:h63TO8K6ypk6fRby

Score

10^/10

redline st1 infostealer

Malware Config

Extracted

Family

redline

Botnet

st1

C2

librchichelpai.shop:81

rniwondunuifac.shop:81

Attributes

auth_value
a7232a45d6034ee2454fc434093d8f12

Targets

- Target
  
  bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098
- Size
  
  3.7MB
- MD5
  
  a45e6fa02ca2dbeeb23d6fff96436a97
- SHA1
  
  61ffee4cb8d28ca05b20076a5ba92aff99449ba7
- SHA256
  
  bea9789e908b6a46592f963e652a858dde0a109de997819affc4b77cbc336098
- SHA512
  
  aface0a7bd84fb503358087b27d891b6bac48f7d56c4e94dbd4cd4ad350ac3891e0180fb2a4cf76a516d753c9e5c12daea3b038c517cbf8268b7887a003f0707
- SSDEEP
  
  98304:sBuzuXKMr2WYU68OdYIebQ4kUny6yuuhk6R1J3bj+:h63TO8K6ypk6fRby
Score

10^/10

redline st1 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinest1infostealer