redline | f18ee2360eb587bdf735ce3886c728f54cace99210a6528adf5846e911a3e01b | Triage

Sharing

General

Target

j5220189.exe
Size

399KB
Sample

230919-hnsb1she27
MD5

6911db4059e254077f03d58ef899a334
SHA1

dd476b4e26a3e102998886a5c111fe4a493a9a21
SHA256

f18ee2360eb587bdf735ce3886c728f54cace99210a6528adf5846e911a3e01b
SHA512

e5f6f56205672df854a0e942f51f070f1bc395c3d547d3f271ac28807cf390b5b71c6cc783771ae25648cb7fea0dfb2275264ee23ad6fe59ab17ff0690427f37
SSDEEP

6144:+jpjE12jicP5iOo2T8VrSd/sUAO8clkwUv5M3pQ1xeKM7ZzuF9iHpFGazEU1Sa:+jpcqiG59ouecGteKMFo9SN51Sa

Score

10^/10

redline monik infostealer

Malware Config

Extracted

Family

redline

Botnet

monik

C2

77.91.124.82:19071

Attributes

auth_value
da7d9ea0878f5901f1f8319d34bdccea

Targets

- Target
  
  j5220189.exe
- Size
  
  399KB
- MD5
  
  6911db4059e254077f03d58ef899a334
- SHA1
  
  dd476b4e26a3e102998886a5c111fe4a493a9a21
- SHA256
  
  f18ee2360eb587bdf735ce3886c728f54cace99210a6528adf5846e911a3e01b
- SHA512
  
  e5f6f56205672df854a0e942f51f070f1bc395c3d547d3f271ac28807cf390b5b71c6cc783771ae25648cb7fea0dfb2275264ee23ad6fe59ab17ff0690427f37
- SSDEEP
  
  6144:+jpjE12jicP5iOo2T8VrSd/sUAO8clkwUv5M3pQ1xeKM7ZzuF9iHpFGazEU1Sa:+jpcqiG59ouecGteKMFo9SN51Sa
Score

10^/10

redline monik infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinemonikinfostealer

behavioral2

redlinemonikinfostealer