General

  • Target: Redline_20_2_crack.zip
  • Size: 17.0MB
  • Sample: 230129-egmw6shf76
  • MD5: 29c151659c2460d90adaca01a53045c4
  • SHA1: e1a02696511991705827352a1496861997f72e42
  • SHA256: 2fe936d6b25266ad008ffe359931fc537bfbc3f00774af009c2de5f3abb04e1c
  • SHA512: 96d1fb469f91d1a36d374aaad497362b7e11110f7ed708c24136fce5b6ae11a14a2b7aa6cdf86e5d58e8149fffb0b8512bff2f6079531eae92d8089b9b39f4ed
  • SSDEEP: 393216:VcPxpiFTFeTwhLN3zmLen6r0OnbNm6TMaEcqpKVtckzH:KpGFqiLZb6Q2bNm8MaEcqdU

Malware Config

Extracted

  • Family: redline
  • Botnet: cheat
  • C2: 194.145.138.85:28105

Extracted

  • Family: xworm
  • C2: 194.145.138.85:1604
  • Mutex: Iom8xb4NUaLbxykI
  • Attributes
    • install_file: USB.exe
  • aes.plain

Targets

    • Target: Redline_20_2_crack/howtouse.txt
    • Size: 553B
    • MD5: bfa823e21a8082064c8b37e15f4ee20a
    • SHA1: e5c573cad89a3ffad0783e3a099d8167858fd847
    • SHA256: 483664a68ecfb4f045f57869bbc8228ed19fc697235809bf41412007128660e2
    • SHA512: 11c466ef47f5c72b1e27a220a9dccfb6296e90bc1e04338780699a0b634436265a6eeecf012428297d917542a49669f547f83b8c297bf0543bf19c2d18efcd36

    Signatures

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Xworm: Xworm is a remote access trojan written in C#.
    • Executes dropped EXE
    • Drops startup file
    • Loads dropped DLL

    • Target: Redline_20_2_crack/user&pass.txt
    • Size: 35B
    • MD5: 4682b5784ca1677e46b516bef1f860d4
    • SHA1: ee707f23b7042b4cd8e6e2fc79d7a96ca11010b6
    • SHA256: 858906ba9521cb2b9218d2545dea9a8c7d64764e0abe01bb98bb080af3959cce
    • SHA512: d39ba68c1cc957f8f6622cc1482658ea10f184f5fc6b67f9835db45a1aebd990cff0b461e7f85206d1171efb2673e69f3fd396f7a6b1e70f37c700c5438be335

    Score: 1/10

MITRE ATT&CK Matrix

Tasks