Overview

overview

10

Static

static

10

1580-54-0x...ry.exe

windows7-x64

1

1580-54-0x...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1580-54-0x0000000000230000-0x0000000000260000-memory.dmp

  • Size

    192KB

  • Sample

    230619-yj1qlaga26

  • MD5

    e5cf87c345103b1e7155cc094697b5eb

  • SHA1

    69562e9af313036c7407cbd2c08efc05a4533b35

  • SHA256

    f942365e4334221fdff86007a0680a6ecefe91894d20e1411973061498590297

  • SHA512

    15ac0ff151e75a9f9a1468a5a640c88f88d770dd0c3e9b980106bae882c238b2ba23af623dc50f49435ec4882ed10a5b5b215b1084e051a11ab211965e6a18eb

  • SSDEEP

    3072:GoUBkaV8+Aytj+xNHEGhn7BwTCR9+8e8h5:Gohq25hdwTCR9+

Score
10/10
redline1microsoftphishing

Malware Config

Extracted

Family

redline

Botnet

1

C2

213.239.213.187:17260

Attributes
  • auth_value

    6a4b05ef943a0dd801fd01dfbb9eb717

Targets

    • Target

      1580-54-0x0000000000230000-0x0000000000260000-memory.dmp

    • Size

      192KB

    • MD5

      e5cf87c345103b1e7155cc094697b5eb

    • SHA1

      69562e9af313036c7407cbd2c08efc05a4533b35

    • SHA256

      f942365e4334221fdff86007a0680a6ecefe91894d20e1411973061498590297

    • SHA512

      15ac0ff151e75a9f9a1468a5a640c88f88d770dd0c3e9b980106bae882c238b2ba23af623dc50f49435ec4882ed10a5b5b215b1084e051a11ab211965e6a18eb

    • SSDEEP

      3072:GoUBkaV8+Aytj+xNHEGhn7BwTCR9+8e8h5:Gohq25hdwTCR9+

    Score
    5/10
    microsoftphishing
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks