redline | 6932751709a4dbb193a60a1a7ca38c4a9428957acbf75e5ffda09bf9f9bb68fc | Triage

Submit
Reports

Overview

overview

Static

static

1

launch.exe

windows7-x64

launch.exe

windows10-2004-x64

Sharing

General

Target

launch.exe
Size

219.3MB
Sample

230803-mqt1vaeb2w
MD5

39f90609236c5a5512022ac4217d0946
SHA1

79de68103b33349f0a8b37d0a0080d73f13eb147
SHA256

6932751709a4dbb193a60a1a7ca38c4a9428957acbf75e5ffda09bf9f9bb68fc
SHA512

6ec6b3b0c932b9395045a737a95a0a58ef348d1e5c847cb75b5a0659ad8b91bb53375fc366e529401d464c1f6fafe7e40efc49cf54cfb1684b1463ff00876b5b
SSDEEP

6144:D828BIGka3FrR1I83YP/AODz2Pgk4+8zjLmgu4BZTh:D828B0a+X1z2Yv+ijP3h

Score

10^/10

redline main infostealer

Static task

static1

Behavioral task

behavioral1

Sample

launch.exe

Resource

win7-20230712-en

redline main infostealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

launch.exe

Resource

win10v2004-20230703-en

redline main infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

main

C2

185.106.92.82:5438

Attributes

auth_value
e1d8c486fa51e48b53d3384b5a2b4973

Targets

- Target
  
  launch.exe
- Size
  
  219.3MB
- MD5
  
  39f90609236c5a5512022ac4217d0946
- SHA1
  
  79de68103b33349f0a8b37d0a0080d73f13eb147
- SHA256
  
  6932751709a4dbb193a60a1a7ca38c4a9428957acbf75e5ffda09bf9f9bb68fc
- SHA512
  
  6ec6b3b0c932b9395045a737a95a0a58ef348d1e5c847cb75b5a0659ad8b91bb53375fc366e529401d464c1f6fafe7e40efc49cf54cfb1684b1463ff00876b5b
- SSDEEP
  
  6144:D828BIGka3FrR1I83YP/AODz2Pgk4+8zjLmgu4BZTh:D828B0a+X1z2Yv+ijP3h
Score

10^/10

redline main infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinemaininfostealer

behavioral2

redlinemaininfostealer

© 2018-2024

Terms | Privacy