Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    j9790118.exe

  • Size

    393KB

  • Sample

    230918-b15dsadh8w

  • MD5

    c0f6a8667723b11757a4791711e37e2f

  • SHA1

    fca32cb74a6190cd0c930324fc42866594953855

  • SHA256

    f1d2be083b63e9fa0fed9dbc812c3ef01f20eecb07455667cb1f55b4309ec1fe

  • SHA512

    26a98a254005f67b2b5d68ddaa68d79c962c7459afc66d359b634b5066765ff04ad1bdc3871fae3c1b6f7da6ef4afd93c0a1219b965fab303a64d8a9cf86a889

  • SSDEEP

    6144:JBQcaGEZt20ZSwbz8+Dxe8kVAO6loOY8x11sOZRtfCjuih8Ey:JaFzZtT78TUJY8xDdRtfCjuih8Ey

Score
10/10
redlinemonikinfostealer

Malware Config

Extracted

Family

redline

Botnet

monik

C2

77.91.124.82:19071

Attributes
  • auth_value

    da7d9ea0878f5901f1f8319d34bdccea

Targets

    • Target

      j9790118.exe

    • Size

      393KB

    • MD5

      c0f6a8667723b11757a4791711e37e2f

    • SHA1

      fca32cb74a6190cd0c930324fc42866594953855

    • SHA256

      f1d2be083b63e9fa0fed9dbc812c3ef01f20eecb07455667cb1f55b4309ec1fe

    • SHA512

      26a98a254005f67b2b5d68ddaa68d79c962c7459afc66d359b634b5066765ff04ad1bdc3871fae3c1b6f7da6ef4afd93c0a1219b965fab303a64d8a9cf86a889

    • SSDEEP

      6144:JBQcaGEZt20ZSwbz8+Dxe8kVAO6loOY8x11sOZRtfCjuih8Ey:JaFzZtT78TUJY8xDdRtfCjuih8Ey

    Score
    10/10
    redlinemonikinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks