General

  • Target

    0x000800000001230f-105.dat

  • Size

    168KB

  • Sample

    230510-jhm1saeg67

  • MD5

    b8d97cf2a5429a5d25130dd05754da44

  • SHA1

    9d6f1f67937ae8e854a848b6bb4f76dad6189f2e

  • SHA256

    5562fbbd482d422bbddba0d4a2c8d8edd315a2da35c3d22a828f0c9d66126820

  • SHA512

    bcb4aa9ca4ff88a05eb5761b72c2dfa1fb4dcdfb0304b282da710ac3a26d1477a6140ed578df900a548de844cef9081ee0e9e03fe64a09ec5a4bec47216dde1b

  • SSDEEP

    3072:zoF210LHv9hWqVUAVN+8lX63qY0k8e8h9:zY210LvymU8lX63qY0k

Malware Config

Extracted

Family

redline

Botnet

murka

C2

217.196.96.101:4132

Attributes

  • auth_value

    878a0681ac6ad0e4eb10ef9db07abdd9

Targets

    • Target

      0x000800000001230f-105.dat

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
