General

  • Target

    ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1.zip

  • Size

    507KB

  • Sample

    230426-gstvzahd2x

  • MD5

    f073cd12e2baa9d265018cf65476692c

  • SHA1

    8e57a4a770afdceab82c65ccd68ad42a7336c0d1

  • SHA256

    41b88d86f1edce5ff233e6517a49486bd4fa572edf6561ef187c765916c1c3af

  • SHA512

    552327180b75fa20ffd6e3c19bf7dc49b52bc795d300ed8dedcb5652361302d38126b84060a88c45333889d90450dda9165daccf61de8f0ea84fa313117522ea

  • SSDEEP

    12288:6CoYJJYROCG8VhhqBn8OItiXNF7qxLm2wbNs6:6CoY4ROCGUMBn37XNcdmXps6

Score
10/10

Malware Config

Extracted

Family

redline

C2

37.220.87.13:48790

Attributes

  • auth_value

    3711eaf31ccedd7df80af177dba5d1cc

Targets

    • Target

      ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1

    • Size

      787KB

    • MD5

      e7f3c79a7ccdbb0d41bddedcba03af91

    • SHA1

      fc6f3f5921f4608bd394a6e3eb1a6dc1cec53209

    • SHA256

      ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1

    • SHA512

      e84c0ff61a3a104378e0a34ed78b0cf7561c8a39889928649251332e9b6b0803469d53a0dc8ac6d5216c518ebe3cece0bd0d378791756e3978cd9fc5ffa7f969

    • SSDEEP

      24576:b1tRxsHztPruUBL4dtl/UhebsgaReNHTvaTC3c:RxqNtLIfEebNHbaus

    Score
    10/10

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
