General

  • Target

    ab6563964db8fe3966de4a215_JC.exe

  • Size

    2.3MB

  • Sample

    230728-vraycsfb4z

  • MD5

    69d19779b8da64ab2d877e9156ac1189

  • SHA1

    e7ceb475978c9592dfe62737d56d0c8562744c6d

  • SHA256

    ab6563964db8fe3966de4a215307a7aed3e5e242ba28d5f2f418f7723208f3a1

  • SHA512

    b6031036c2b96eeb5fb719e4ecd26cde768385c2ed57579756db570ab42be62b05f620071e35ae0ae27d0a3295e1c553031055725e4a0b316ff0de925b8d75d3

  • SSDEEP

    6144:hHlD0VNBrHdhsGE8C00iW5b2+DWW4eg3++OJPdums4:hHlD0VNBrHC1s+CnegN6Pdt

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

12

C2

46.149.77.25:8599

Attributes
  • auth_value

    c46d7c526a45729e5f4c39fca6e505c1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
