General

  • Target

    0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0.exe

  • Size

    266KB

  • Sample

    230405-m5kqqaff3y

  • MD5

    f0370756c2a43d71769b05c9888596a2

  • SHA1

    55490de87c0505a678cc1f254489306d04f280ef

  • SHA256

    0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0

  • SHA512

    2c969cc5423f45b592ba8acd06cbb3770a38afcba6fe0fd4b16633e4f0093bc029a0f7a6ec2b6e4ebbe6166df84fa09f79c035eeebee4b6cb6e265c75d8eb02c

  • SSDEEP

    6144:rPuZRcAJia/tnkxWZyUHS3uaeDyC8UCXiH9wy:rPuDcA9FkUgUHS3u5yJr0

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

yt

C2

137.74.157.83:36657

Attributes
  • auth_value

    f34f51f9f38c0325b6757c6c89e24d40

Targets

    • Target

      0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0.exe

    • Size

      266KB

    • MD5

      f0370756c2a43d71769b05c9888596a2

    • SHA1

      55490de87c0505a678cc1f254489306d04f280ef

    • SHA256

      0c53a042d0d38393f870fc0bc79f5a88baec0f79ddd32fc23d523c536e9265d0

    • SHA512

      2c969cc5423f45b592ba8acd06cbb3770a38afcba6fe0fd4b16633e4f0093bc029a0f7a6ec2b6e4ebbe6166df84fa09f79c035eeebee4b6cb6e265c75d8eb02c

    • SSDEEP

      6144:rPuZRcAJia/tnkxWZyUHS3uaeDyC8UCXiH9wy:rPuDcA9FkUgUHS3u5yJr0

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
