General

  • Target

    f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271

  • Size

    221KB

  • Sample

    230131-yv2f9sab39

  • MD5

    82604be7a5f38f9e60774157e88f9a00

  • SHA1

    1ced3aa88f1fc63b5ffc080efe39bfd88d160215

  • SHA256

    2f395aa7461caadf9a3f2fa67aa1742bdec9173aced4483ca1e9c8dc7129c21a

  • SHA512

    04236b3904be1e99b8fa040eace51456f1fde6daa76189d6dcbbeda251b6b303b63eaab05b5b2aad1b87e0c7fcbe52f884d330f00f18e6dcf9f006a9473aec87

  • SSDEEP

    6144:Nqz10sGSyMRuxWBwml1FcLraGMRekpdFb:NqzSsGSfI2xl1OLr+RDpdFb

Malware Config

Extracted

  • Family

    redline

  • Botnet

    fredy

  • C2

    62.204.41.170:4132

  • Attributes

      • auth_value

        880249eef9593d49a1a3cddf57c5cb35

Targets

    • Target

      f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271

    • Size

      278KB

    • MD5

      df336de1aac65e4439ddfd985377cb98

    • SHA1

      4eafb9b94142d48dd237f352bd2d02b94af1c3ff

    • SHA256

      f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271

    • SHA512

      0a719ae9208182695943274a927e38721db1e529071ea8bec67a1c7b408130252185d6f8019e725583e817a806f04c0f512e4838e6919b9fff5881abe906c01d

    • SSDEEP

      3072:ojavJBLuA06q250wTMR1k07inWJj4pJPDGNnUR1UbRFTowErT8HwBYy2I647iet3:FLV06qyMRuxWBuCl1FcLrawMTep

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
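The extracted config and the target hashes are the actionable output of this report. As an added example, not part of the sandbox report and not RedLine tooling, the Python below parses the "Malware Config" block exactly as it is printed above, checks the C2 endpoint (rejecting a malformed port or a non-routable address, which in a sandbox usually means the sample only reached the analysis host and must not become a network IOC), checks that each digest listed under "Targets" has the hex length its algorithm produces (a truncated copy-paste is a common way to ship a useless IOC), and emits a Suricata rule for outbound connections to the C2. The input strings are copied from this report; the rule sid, msg text and all function names are my own choices.

```python
"""Turn the sandbox report's extracted RedLine config and hashes into checked IOCs.

Added example: inputs are constructed from the report above; sid and msg
text are illustrative, not values from the report."""
import ipaddress
import re

# Constructed input: the "Malware Config" block as printed in the report.
REPORT_CONFIG = """\
Malware Config
Extracted
Family
redline
Botnet
fredy
C2
62.204.41.170:4132
Attributes
auth_value
880249eef9593d49a1a3cddf57c5cb35
"""

# Constructed input: the analysed target's digests from the "Targets" section.
TARGET_HASHES = {
    "md5": "df336de1aac65e4439ddfd985377cb98",
    "sha1": "4eafb9b94142d48dd237f352bd2d02b94af1c3ff",
    "sha256": "f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271",
    "sha512": "0a719ae9208182695943274a927e38721db1e529071ea8bec67a1c7b408130252"
              "185d6f8019e725583e817a806f04c0f512e4838e6919b9fff5881abe906c01d",
}

# The report prints each field as a label line followed by a value line.
CONFIG_KEYS = {"Family": "family", "Botnet": "botnet", "C2": "c2", "auth_value": "auth_value"}
HASH_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_config(text):
    """Pair each known label with the non-empty line that follows it."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    cfg = {}
    for label, value in zip(lines, lines[1:]):
        if label in CONFIG_KEYS:
            cfg[CONFIG_KEYS[label]] = value
    return cfg


def parse_c2(c2):
    """Split 'ip:port'; reject a bad port or a non-routable address.

    A loopback or RFC1918 C2 in a sandbox report normally means the sample
    talked to the analysis host, so it must not be turned into a network IOC."""
    host, sep, port = c2.rpartition(":")
    if not sep or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"malformed C2 endpoint: {c2!r}")
    addr = ipaddress.ip_address(host)
    if not addr.is_global:
        raise ValueError(f"non-routable C2 address, likely a sandbox artefact: {host}")
    return str(addr), int(port)


def validate_hashes(hashes):
    """Return the algorithms whose digest is not lowercase hex of the right length."""
    bad = []
    for algo, digest in hashes.items():
        expected = HASH_HEX_LEN.get(algo)
        if expected is None or not re.fullmatch(r"[0-9a-f]{%d}" % expected, digest):
            bad.append(algo)
    return bad


def suricata_rule(cfg, sid=1000001):
    """Build a Suricata rule for outbound TCP to the extracted C2.

    The default sid sits in the local-rules range; use one free in your ruleset."""
    ip, port = parse_c2(cfg["c2"])
    msg = f"{cfg['family'].capitalize()} Stealer C2 (botnet {cfg.get('botnet', 'unknown')})"
    return (f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"{msg}"; flow:to_server; classtype:trojan-activity; '
            f"sid:{sid}; rev:1;)")


if __name__ == "__main__":
    config = parse_config(REPORT_CONFIG)
    print(config)
    print("hash problems:", validate_hashes(TARGET_HASHES) or "none")
    print(suricata_rule(config))
```

The rule alerts on the first SYN to the C2 without inspecting payload, which is the right granularity for a single-IP IOC; if the operator moves the controller, the hashes remain valid while the rule does not, so keep both and record the report date with them.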
