Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    j0811965.exe

  • Size

    405KB

  • Sample

    230919-hm8bvahd93

  • MD5

    95882a04cf43e9e5881417bc8e0ec5b7

  • SHA1

    02788585baeecb70d2a7a5f8af72511044aa8b8f

  • SHA256

    e791a42ab7baf1299bbc3bc6de9c72ca65cb9464a200eee17e530fa3b272f680

  • SHA512

    0e652afd5b5511dd20e94aee91be3632bbaab1dee2689871148cdbf84e060359195ffa7f86ea2b0d91d6cdf84035211272fcedaa41173029477689f7327e90d4

  • SSDEEP

    6144:F3vJm09zORs+z/TMify9DAOooQRfF45C4NHe7Lcm8/:Ffw09CK5NfMfF45L+7LX8/

Score
10/10
redlinemonikinfostealer

Malware Config

Extracted

Family

redline

Botnet

monik

C2

77.91.124.82:19071

Attributes
  • auth_value

    da7d9ea0878f5901f1f8319d34bdccea

Targets

    • Target

      j0811965.exe

    • Size

      405KB

    • MD5

      95882a04cf43e9e5881417bc8e0ec5b7

    • SHA1

      02788585baeecb70d2a7a5f8af72511044aa8b8f

    • SHA256

      e791a42ab7baf1299bbc3bc6de9c72ca65cb9464a200eee17e530fa3b272f680

    • SHA512

      0e652afd5b5511dd20e94aee91be3632bbaab1dee2689871148cdbf84e060359195ffa7f86ea2b0d91d6cdf84035211272fcedaa41173029477689f7327e90d4

    • SSDEEP

      6144:F3vJm09zORs+z/TMify9DAOooQRfF45C4NHe7Lcm8/:Ffw09CK5NfMfF45L+7LX8/

    Score
    10/10
    redlinemonikinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks