redline | 3585c4957fcffbc85da6b64d715dc9e9b7bf7a138731cdc83a30a8d37f378c8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbdcb03822862fc1cfc70ca025507a9f.bin
Size

173KB
Sample

230504-cb3pbsbe5z
MD5

6736cec4dcfc3562788bde52b2c99458
SHA1

8320b97807b3b99f28e4bf5867b40d311b016419
SHA256

3585c4957fcffbc85da6b64d715dc9e9b7bf7a138731cdc83a30a8d37f378c8a
SHA512

552f3a19ece80da11111daa268a60c9d864261523896a8c3535dbbdc1e9896662a533425a585303de730555353fa5108caece09b941ac09d5b5adbaf8714ff1f
SSDEEP

3072:6Rkke1gdYrhSkyQNLGz6VR3yctzt2EOfJ4OzODtuSgS3zawJ4Ik2uXG+7:6Fr20pQNazuyc/2pf2v0S3GwJJ5uXG+7

Score

10^/10

redline 5370810052 infostealer

Malware Config

Extracted

Family

redline

Botnet

5370810052

C2

dolma.top:40309

Attributes

auth_value
9d2a45c79935eb6fb3db69a8417e310b

Targets

- Target
  
  b0515e24c427882aa4c0b0ffba2f5dd3443b849a0a72e92745d7ed44ca05f3d0.exe
- Size
  
  426KB
- MD5
  
  bbdcb03822862fc1cfc70ca025507a9f
- SHA1
  
  9877c0087076f90fafddbf9a5d5ea2f81b64d295
- SHA256
  
  b0515e24c427882aa4c0b0ffba2f5dd3443b849a0a72e92745d7ed44ca05f3d0
- SHA512
  
  d786d47d3e71060e2c5e28d92cf157903f3c6f6469ea259bf07d3d825555e579e7d0fa6f5ac9dd1c453640084bc15b4dfb51b336c19f9f9250555682c2a2c4c9
- SSDEEP
  
  3072:Zv8hEjNp51JI1h3jDn7fltbnoHqwKiy+5TzLR+p5gjzWmpkSSbPnUQ5/WoG9e1Ph:Z151JIX/n5Kl5nLZFSxlW79e1Hs6
Score

10^/10

redline 5370810052 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline5370810052infostealer

behavioral2

redline5370810052infostealer