redline | bb63b3e2db3819a6b9d7a0c3e28157b8ba45c7ea6012ecb66ee6d7d18da62ff0 | Triage

Sharing

General

Target

data64_1.exe
Size

175KB
Sample

230630-ptb1jscf6y
MD5

bbdb74f2c6542aeeb854b0f1a3962379
SHA1

0042e99fb477e0b68831fcd7948ea46fa9c25993
SHA256

bb63b3e2db3819a6b9d7a0c3e28157b8ba45c7ea6012ecb66ee6d7d18da62ff0
SHA512

740a56042008622c4faedb4a723abd24d68d27c45313ddef04f9d9bbd92ab5f9070a96ea0b4014fc1249affd6e75d9bb6889e3bb6f6c2359169516901b23bfec
SSDEEP

3072:vqw26dxriPBJ8d+z12/5JUICTiSV/byO7e3TTYhAa6Yo/HKO/9Rs7Zu:z2AriETUVZDyO7e3TTYhR6lHKO/9Rs7Z

Score

10^/10

redline topp infostealer

Malware Config

Extracted

Family

redline

Botnet

topp

C2

blcesalenial.xyz:80

Attributes

auth_value
3f6f8aeb69188455a7afffe268077415

Targets

- Target
  
  data64_1.exe
- Size
  
  175KB
- MD5
  
  bbdb74f2c6542aeeb854b0f1a3962379
- SHA1
  
  0042e99fb477e0b68831fcd7948ea46fa9c25993
- SHA256
  
  bb63b3e2db3819a6b9d7a0c3e28157b8ba45c7ea6012ecb66ee6d7d18da62ff0
- SHA512
  
  740a56042008622c4faedb4a723abd24d68d27c45313ddef04f9d9bbd92ab5f9070a96ea0b4014fc1249affd6e75d9bb6889e3bb6f6c2359169516901b23bfec
- SSDEEP
  
  3072:vqw26dxriPBJ8d+z12/5JUICTiSV/byO7e3TTYhAa6Yo/HKO/9Rs7Zu:z2AriETUVZDyO7e3TTYhR6lHKO/9Rs7Z
Score

10^/10

redline topp infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinetoppinfostealer

behavioral2

redlinetoppinfostealer