redline | 56d8611936d8264b3fab9451f57ed8ef5bfcab43a2a1d14c6faf5556bedbccf1 | Triage

Sharing

General

Target

file.exe
Size

372KB
Sample

230327-qhsplade92
MD5

6e1c8047cd8888ad27dd34d430cf1485
SHA1

8d56c99a6ca73e88e6e68e90ba9435a622451726
SHA256

56d8611936d8264b3fab9451f57ed8ef5bfcab43a2a1d14c6faf5556bedbccf1
SHA512

f97b63b97fbc0a0e80538102e79a534924df44ad4cb001b1a5be92fd0addcdcf4512e4b2705e3d57a4d652a7db7cdec0fc448282be6134c607f1b72600edb44d
SSDEEP

3072:J/YVvMvV9YX80mAOMQLFyXQPkuOev5fjCYNDHUk0MSCM2qGW4W3Itqggax:J/i0NslOWevxjBD0o/bqhkqg

Score

10^/10

redline 2703-dozkey infostealer

Malware Config

Extracted

Family

redline

Botnet

2703-doZKey

C2

137.184.30.252:81

Attributes

auth_value
189276e9cea60fd1b41a08d2c5e93c2e

Targets

- Target
  
  file.exe
- Size
  
  372KB
- MD5
  
  6e1c8047cd8888ad27dd34d430cf1485
- SHA1
  
  8d56c99a6ca73e88e6e68e90ba9435a622451726
- SHA256
  
  56d8611936d8264b3fab9451f57ed8ef5bfcab43a2a1d14c6faf5556bedbccf1
- SHA512
  
  f97b63b97fbc0a0e80538102e79a534924df44ad4cb001b1a5be92fd0addcdcf4512e4b2705e3d57a4d652a7db7cdec0fc448282be6134c607f1b72600edb44d
- SSDEEP
  
  3072:J/YVvMvV9YX80mAOMQLFyXQPkuOev5fjCYNDHUk0MSCM2qGW4W3Itqggax:J/i0NslOWevxjBD0o/bqhkqg
Score

10^/10

redline 2703-dozkey infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline2703-dozkeyinfostealer

behavioral2

redline2703-dozkeyinfostealer