Overview

overview

10

Static

static

10

1472-54-0x...ry.exe

windows7-x64

1

1472-54-0x...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1472-54-0x0000000000230000-0x0000000000260000-memory.dmp

  • Size

    192KB

  • Sample

    230614-xq1hqscg44

  • MD5

    0b0fff0228624749848b0c239f510beb

  • SHA1

    3ecfbf8005ed3d2d7f6bc08a5e9c587633573f5a

  • SHA256

    895ddc6991bff4675d7a46d9892d835fa8c2d9517701a6eb063376b9a1ea22cf

  • SHA512

    d0bec1310328f902a93538fb60f9ddaed68c3188b33c40c2cb19ccf66ef8c756c25d30d520bbc21aabd44d1a64b8e79268b374b9fab0ef4791f86817b3c6ea01

  • SSDEEP

    1536:ObuR0C10WqlVZRGWyuHrTog/XzMXMQ8ys88888888888888888888888g888888i:RR0feoog/ZpyqVEUCidWT8Fo8e8hQ

Score
10/10
redlinelux3microsoftphishing

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b

Targets

    • Target

      1472-54-0x0000000000230000-0x0000000000260000-memory.dmp

    • Size

      192KB

    • MD5

      0b0fff0228624749848b0c239f510beb

    • SHA1

      3ecfbf8005ed3d2d7f6bc08a5e9c587633573f5a

    • SHA256

      895ddc6991bff4675d7a46d9892d835fa8c2d9517701a6eb063376b9a1ea22cf

    • SHA512

      d0bec1310328f902a93538fb60f9ddaed68c3188b33c40c2cb19ccf66ef8c756c25d30d520bbc21aabd44d1a64b8e79268b374b9fab0ef4791f86817b3c6ea01

    • SSDEEP

      1536:ObuR0C10WqlVZRGWyuHrTog/XzMXMQ8ys88888888888888888888888g888888i:RR0feoog/ZpyqVEUCidWT8Fo8e8hQ

    Score
    5/10
    microsoftphishing
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks