Overview

overview

10

Static

static

3

9c18ac82f0...95.exe

windows7-x64

10

9c18ac82f0...95.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9c18ac82f0be2291427ca35f78125995.exe

  • Size

    735KB

  • Sample

    230606-cp6cdacc51

  • MD5

    9c18ac82f0be2291427ca35f78125995

  • SHA1

    60a28ac36ba8a172270aa04d2489bc9473388c86

  • SHA256

    6188e5f8b617ea28c133767f61549ee8e8e279348c62b13a59676e5858692a8f

  • SHA512

    e8795fbcdb04d422bd1c65e8367bc2b35394d167ace974feab53ca3914387e10d4b1deee5cac040d8de90c4c5770c82cd1e2da6e03ba83477125bada0dc01b2b

  • SSDEEP

    12288:5MrKy90x1M2I2AfcEvXfwh6RaSxNtXZisBaeoo7Fl2F1tmvHEcMDVMviceir4Mnh:LyeI1XMMN0xo7FI1okcMpM+wFnXIk

Score
10/10
redlinemaxievasioninfostealerpersistencetrojan

Malware Config

Extracted

Family

redline

Botnet

maxi

C2

83.97.73.126:19048

Attributes
  • auth_value

    6a3f22e5f4209b056a3fd330dc71956a

Targets

    • Target

      9c18ac82f0be2291427ca35f78125995.exe

    • Size

      735KB

    • MD5

      9c18ac82f0be2291427ca35f78125995

    • SHA1

      60a28ac36ba8a172270aa04d2489bc9473388c86

    • SHA256

      6188e5f8b617ea28c133767f61549ee8e8e279348c62b13a59676e5858692a8f

    • SHA512

      e8795fbcdb04d422bd1c65e8367bc2b35394d167ace974feab53ca3914387e10d4b1deee5cac040d8de90c4c5770c82cd1e2da6e03ba83477125bada0dc01b2b

    • SSDEEP

      12288:5MrKy90x1M2I2AfcEvXfwh6RaSxNtXZisBaeoo7Fl2F1tmvHEcMDVMviceir4Mnh:LyeI1XMMN0xo7FI1okcMpM+wFnXIk

    Score
    10/10
    redlinemaxievasioninfostealerpersistencetrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks