General

  • Target

    FortHack.exe

  • Size

    2.5MB

  • Sample

    230310-2wsgjaff59

  • MD5

    c4d460b4f7da75c7db76347d8de50093

  • SHA1

    d9e250bee98b5d46e6929c6df3c129aa94ca2a40

  • SHA256

    2da73bff9624b981e8bedce6cb13d4593eaf758f70bd2ece15dde5ffc6fda065

  • SHA512

    9fc9fe17ffb5631fd01328bfe9f02f897808cda30969616d279346b2b69c3982858bd36657c5c2b725c934e1350118ca55026c91937e8ee7b540482ca1992333

  • SSDEEP

    24576:2AaodXP6bRPbWYhYOxlwvBVMT+dLEEuoi/GPCOPv1cmd5LZRiI1l3RuQ55313A:28dfiRPe9ShOH1cmd5aI1l3i

Malware Config

Extracted

Family

redline

Botnet

@quppie2000

C2

193.233.193.15:27469

Attributes

  • auth_value

    a2207993338b21fa7a2f1e35520a5d07

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks