Overview

overview

10

Static

static

1

SecuriteIn...64.exe

windows7-x64

10

SecuriteIn...64.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    SecuriteInfo.com.Variant.Jaik.143490.22464.32309

  • Size

    352KB

  • Sample

    230502-kg4skscb2s

  • MD5

    5812c5ec8f81f425d2bc75343e13358d

  • SHA1

    d315ef232ab79f56a8bbd79f867263bb2edf069b

  • SHA256

    a8a235ab55e16f8f8e31b70ae3ad1fb1e8ac29f705d0801fec83d1bb66c3c622

  • SHA512

    b9201ae2b31f748c9de51462c449b26d840f4a1b211296e4a97a6d472233e8bccd7362f2b25d471043f13d723cf2e722ba0cab23946c0c4f84fd14bed09021d1

  • SSDEEP

    6144:8ga/FSEyeLXFFWxO9QvIdcDkoD7YEWPt4mj5Mgdz3DNOu6H8PI:8djyeuxbvucDkoD5WP/Dz3DNOu6H9

Score
10/10
redlineinfostealerspyware

Malware Config

Extracted

Family

redline

C2

45.15.157.131:36457

Attributes
  • auth_value

    b7fd43d3ed6a9250e6daae75009f5a1e

Targets

    • Target

      SecuriteInfo.com.Variant.Jaik.143490.22464.32309

    • Size

      352KB

    • MD5

      5812c5ec8f81f425d2bc75343e13358d

    • SHA1

      d315ef232ab79f56a8bbd79f867263bb2edf069b

    • SHA256

      a8a235ab55e16f8f8e31b70ae3ad1fb1e8ac29f705d0801fec83d1bb66c3c622

    • SHA512

      b9201ae2b31f748c9de51462c449b26d840f4a1b211296e4a97a6d472233e8bccd7362f2b25d471043f13d723cf2e722ba0cab23946c0c4f84fd14bed09021d1

    • SSDEEP

      6144:8ga/FSEyeLXFFWxO9QvIdcDkoD7YEWPt4mj5Mgdz3DNOu6H8PI:8djyeuxbvucDkoD5WP/Dz3DNOu6H9

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks