Overview

overview

10

Static

static

1

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    j9680413.exe

  • Size

    405KB

  • Sample

    230919-hnlt8sfd6z

  • MD5

    94b59bd7f1a4c16e04ebb2e4593ea3bb

  • SHA1

    1eaa55605d5b184e167b63776cd7611ce636a6d5

  • SHA256

    b27329bcbe303a7aa8434bd01804520b2fad181b8cc3045ca3df43f3b7ab57c7

  • SHA512

    aca360ba736499a92288602d04e658bf08a6eae1890376ba22ead3c43c5f44b18d4919db57199cc2dfdc76527b715b4240ff2133cd912874249edd37ad042320

  • SSDEEP

    6144:c7vJm09zORs+z/TMify9DAOvoQwefKeR8T0ozVb3Jl+/8/:cbw09CK5N2QGU/8/

Score
10/10
redlinemonikinfostealer

Malware Config

Extracted

Family

redline

Botnet

monik

C2

77.91.124.82:19071

Attributes
  • auth_value

    da7d9ea0878f5901f1f8319d34bdccea

Targets

    • Target

      j9680413.exe

    • Size

      405KB

    • MD5

      94b59bd7f1a4c16e04ebb2e4593ea3bb

    • SHA1

      1eaa55605d5b184e167b63776cd7611ce636a6d5

    • SHA256

      b27329bcbe303a7aa8434bd01804520b2fad181b8cc3045ca3df43f3b7ab57c7

    • SHA512

      aca360ba736499a92288602d04e658bf08a6eae1890376ba22ead3c43c5f44b18d4919db57199cc2dfdc76527b715b4240ff2133cd912874249edd37ad042320

    • SSDEEP

      6144:c7vJm09zORs+z/TMify9DAOvoQwefKeR8T0ozVb3Jl+/8/:cbw09CK5N2QGU/8/

    Score
    10/10
    redlinemonikinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks