redline | 524f2a3e0e21906316be520285bbdd5124a4453bfc8c3bff3fac4da2b135ac69 | Triage

Sharing

General

Target

6e572924ba4e3eada1c602453e181194.bin.exe
Size

435KB
Sample

230503-wrfpaahg2y
MD5

6e572924ba4e3eada1c602453e181194
SHA1

17f41a77e8e54d2af59b861d0aff73c0f8e2d397
SHA256

524f2a3e0e21906316be520285bbdd5124a4453bfc8c3bff3fac4da2b135ac69
SHA512

cfa3cacfe83b1b319e42c3f1c3cca30ff3205e1ba681a76fb5689f7eceaf23a55dd6757dffdd87ec07d420e8898b933dc2f16d62ff77388c789e532ddfd1395b
SSDEEP

6144:tYtoHAv/vgXxY7NjM59OKhoAc2mVspiiKEoIm6NhtFHzHIzk8wTc3cQYkkkk0HIC:tMv/vYwNtKhqspiixwAC

Score

10^/10

redline infostealer

Malware Config

Extracted

Family

redline

C2

37.220.87.13:48790

Attributes

auth_value
7555bbeffbab02a0418c9eb1e54491c9

Targets

- Target
  
  6e572924ba4e3eada1c602453e181194.bin.exe
- Size
  
  435KB
- MD5
  
  6e572924ba4e3eada1c602453e181194
- SHA1
  
  17f41a77e8e54d2af59b861d0aff73c0f8e2d397
- SHA256
  
  524f2a3e0e21906316be520285bbdd5124a4453bfc8c3bff3fac4da2b135ac69
- SHA512
  
  cfa3cacfe83b1b319e42c3f1c3cca30ff3205e1ba681a76fb5689f7eceaf23a55dd6757dffdd87ec07d420e8898b933dc2f16d62ff77388c789e532ddfd1395b
- SSDEEP
  
  6144:tYtoHAv/vgXxY7NjM59OKhoAc2mVspiiKEoIm6NhtFHzHIzk8wTc3cQYkkkk0HIC:tMv/vYwNtKhqspiixwAC
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer