General

  • Target

    20.171.68.88.exe

  • Size

    174KB

  • Sample

    230823-b97khaae9v

  • MD5

    3caaf74ee8b28fbeabc4c928f5a17eea

  • SHA1

    d087dbbbe345d8f4da5e1a3787f39f041100f552

  • SHA256

    c6d6baaecb6bea382f8eae460dd60a788197f57b582f33b15c3bb9d70929013b

  • SHA512

    f63ebe19a71fb12d0afe10a033300f7435dff4f9d39d02aea220f90f1abf6d53786dfcf96dd8f30e61fc7581e0f044da212e61cd73227dc8c279922576a826bf

  • SSDEEP

    3072:SNSWel+I0cPzKnOm79UExpE0sfjG6sJo8e8hC:SN6+I0cPzKDxpE0yatO

Malware Config

Extracted

  • Family

    redline

  • Botnet

    @rengli_sh

  • C2

    20.171.68.88:21887

  • Attributes

    • auth_value

      c371cfb30fab460c373488f3ccb14b08

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
