Overview

overview

10

Static

static

10

1580-54-0x...ry.exe

windows7-x64

1

1580-54-0x...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1580-54-0x0000000000220000-0x0000000000250000-memory.dmp

  • Size

    192KB

  • Sample

    230614-kev3naeh92

  • MD5

    6fa5bbc9d1f7c7fb228a4ffb729cc258

  • SHA1

    7ed14579ac806a95f291bc4f4f27edf43497a437

  • SHA256

    9fb4991e48948c61f1b896e4484fa96509d4213df74a659a2e08fec8501c8621

  • SHA512

    5bd0775d7cccc5b0c1663d7e55c5db2a4a2b465f7b7421de1a93e3a3e407de40a0416165a2de951a12d68f23da7803a16eb6fe155a35066c0f4f77f7c6f136e2

  • SSDEEP

    1536:pbuR0C10WqlVZRGWyuHrTog/XzMXMQ8ys88888888888888888888888g888888F:AR0feoog/ZpyqVEUCidWT8FT8e8hQ

Score
10/10
redlinelux3microsoftphishing

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b

Targets

    • Target

      1580-54-0x0000000000220000-0x0000000000250000-memory.dmp

    • Size

      192KB

    • MD5

      6fa5bbc9d1f7c7fb228a4ffb729cc258

    • SHA1

      7ed14579ac806a95f291bc4f4f27edf43497a437

    • SHA256

      9fb4991e48948c61f1b896e4484fa96509d4213df74a659a2e08fec8501c8621

    • SHA512

      5bd0775d7cccc5b0c1663d7e55c5db2a4a2b465f7b7421de1a93e3a3e407de40a0416165a2de951a12d68f23da7803a16eb6fe155a35066c0f4f77f7c6f136e2

    • SSDEEP

      1536:pbuR0C10WqlVZRGWyuHrTog/XzMXMQ8ys88888888888888888888888g888888F:AR0feoog/ZpyqVEUCidWT8FT8e8hQ

    Score
    5/10
    microsoftphishing
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks