redline | 7fcefdae6d01431202b30b4b18eac815bc05a9e6dcc18b18b5055e4942aa5be7 | Triage

Sharing

General

Target

k8303888.exe
Size

419KB
Sample

230912-gxrw6sdg4z
MD5

5debbb56195829875cdceed4422c632c
SHA1

28f70c3d8269b56ea63495d75b03ccdfe016ea1e
SHA256

7fcefdae6d01431202b30b4b18eac815bc05a9e6dcc18b18b5055e4942aa5be7
SHA512

6006c457ba521597902c234233cd44ccc364c8380cd3f6ad7a475b91b28beea97318378af96e7907377c6261c1b0af7234b3590b0167e1eeb8b39f79de5c86ad
SSDEEP

6144:5Yba2/KMiCQy4bwSjQzL9ois436xMhAOjb74g/SiHQeMbbwbbbyGA3Lp:5x2SMiu4Ms436xMhNbWKMbbwbbby3t

Score

10^/10

redline tuco infostealer

Malware Config

Extracted

Family

redline

Botnet

tuco

C2

77.91.124.82:19071

Attributes

auth_value
dcfeb759bae9232de006fc3a4b34ac53

Targets

- Target
  
  k8303888.exe
- Size
  
  419KB
- MD5
  
  5debbb56195829875cdceed4422c632c
- SHA1
  
  28f70c3d8269b56ea63495d75b03ccdfe016ea1e
- SHA256
  
  7fcefdae6d01431202b30b4b18eac815bc05a9e6dcc18b18b5055e4942aa5be7
- SHA512
  
  6006c457ba521597902c234233cd44ccc364c8380cd3f6ad7a475b91b28beea97318378af96e7907377c6261c1b0af7234b3590b0167e1eeb8b39f79de5c86ad
- SSDEEP
  
  6144:5Yba2/KMiCQy4bwSjQzL9ois436xMhAOjb74g/SiHQeMbbwbbbyGA3Lp:5x2SMiu4Ms436xMhNbWKMbbwbbby3t
Score

10^/10

redline tuco infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinetucoinfostealer

behavioral2

redlinetucoinfostealer