Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    j1132617.exe

  • Size

    399KB

  • Sample

    230919-hme1asfd3x

  • MD5

    3d4b5022c6474f46484f0d8aed6363ef

  • SHA1

    8e4a74cfb8462b96488e5297b0cb160c650cc832

  • SHA256

    e56d4a833792fc1a4f97f54029a422e1cdf0ff0734963a0a48667f6e03563cbb

  • SHA512

    4e8c762f1f7e34863991659de971920a8fce9c3f313c5ec66ed00b1158a8aa858dd7240b521c164e6fb6921f850ff18d16bb6ff1b3d325022381fe516b768f9b

  • SSDEEP

    6144:CJbjEq2jicP5iOo2T8VrSd/sUAOEclV0HRa0CJRC2HtYfW1Sa:CJbrqiG59ouKc7GCJw2Ht8W1Sa

Score
10/10
redlinepretsinfostealer

Malware Config

Extracted

Family

redline

Botnet

prets

C2

77.91.124.82:19071

Attributes
  • auth_value

    44ee9617e145f5ca73d49c1a4a0c2e34

Targets

    • Target

      j1132617.exe

    • Size

      399KB

    • MD5

      3d4b5022c6474f46484f0d8aed6363ef

    • SHA1

      8e4a74cfb8462b96488e5297b0cb160c650cc832

    • SHA256

      e56d4a833792fc1a4f97f54029a422e1cdf0ff0734963a0a48667f6e03563cbb

    • SHA512

      4e8c762f1f7e34863991659de971920a8fce9c3f313c5ec66ed00b1158a8aa858dd7240b521c164e6fb6921f850ff18d16bb6ff1b3d325022381fe516b768f9b

    • SSDEEP

      6144:CJbjEq2jicP5iOo2T8VrSd/sUAOEclV0HRa0CJRC2HtYfW1Sa:CJbrqiG59ouKc7GCJw2Ht8W1Sa

    Score
    10/10
    redlinepretsinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks