Overview

overview

10

Static

static

1

n3980720.exe

windows7-x64

10

n3980720.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    n3980720.exe

  • Size

    314KB

  • Sample

    230530-bptg5sed56

  • MD5

    c1933ff9f312936f341461418014451b

  • SHA1

    ff060dd9797eed4c0f18b93ad8371e484e20d135

  • SHA256

    e78adc1386f87fa16b4c2c2ab670a2b9cd991eed4ee609e6d9a713c9aa977d2b

  • SHA512

    8f36d513805e61b16db0fdcf25232bfbddd5873fb0422f550ac3510966371cfc0fc9a23f29c0bb86aa119cfc9e33ad129019229387a868afe066e2891a54ff21

  • SSDEEP

    6144:HPY2iMnOIiKeLSOVcn5mh/4FsyTkT/kFjAgkK:wMnZiKeLF05mh/SkT/kFjz

Score
10/10
redlinegogainfostealer

Malware Config

Extracted

Family

redline

Botnet

goga

C2

83.97.73.122:19062

Attributes
  • auth_value

    6d57dff6d3c42dddb8a76dc276b8467f

Targets

    • Target

      n3980720.exe

    • Size

      314KB

    • MD5

      c1933ff9f312936f341461418014451b

    • SHA1

      ff060dd9797eed4c0f18b93ad8371e484e20d135

    • SHA256

      e78adc1386f87fa16b4c2c2ab670a2b9cd991eed4ee609e6d9a713c9aa977d2b

    • SHA512

      8f36d513805e61b16db0fdcf25232bfbddd5873fb0422f550ac3510966371cfc0fc9a23f29c0bb86aa119cfc9e33ad129019229387a868afe066e2891a54ff21

    • SSDEEP

      6144:HPY2iMnOIiKeLSOVcn5mh/4FsyTkT/kFjAgkK:wMnZiKeLF05mh/SkT/kFjz

    Score
    10/10
    redlinegogainfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks