redline | a60c4b7d70eddc6161f776aa1310a78fe723cf2d6c3edea9f96707212fbf7eab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

j4816313.exe
Size

707KB
Sample

230922-ggstjaff52
MD5

79ad70d7c12f36729cf52971d5c4ab35
SHA1

e22d8d72f9c2d6a7b54742d3b53485f8443642e1
SHA256

a60c4b7d70eddc6161f776aa1310a78fe723cf2d6c3edea9f96707212fbf7eab
SHA512

f53f226a8b6a31bd6c55eeeff7669af86acddb86bcadcab9c7feecac96324d7e00eddea3e45a4d5113e8c747dc290d2357068178d0e68f6e30ac1ccd03ee9147
SSDEEP

12288:a2sZ4qc4QgqQ3Tr4uVQfJkusQzqO01TrNzPRHQ:a2sZ4cQgqQ3kVm1TJzpw

Score

10^/10

redline trush infostealer

Malware Config

Extracted

Family

redline

Botnet

trush

C2

77.91.124.82:19071

Attributes

auth_value
c13814867cde8193679cd0cad2d774be

Targets

- Target
  
  j4816313.exe
- Size
  
  707KB
- MD5
  
  79ad70d7c12f36729cf52971d5c4ab35
- SHA1
  
  e22d8d72f9c2d6a7b54742d3b53485f8443642e1
- SHA256
  
  a60c4b7d70eddc6161f776aa1310a78fe723cf2d6c3edea9f96707212fbf7eab
- SHA512
  
  f53f226a8b6a31bd6c55eeeff7669af86acddb86bcadcab9c7feecac96324d7e00eddea3e45a4d5113e8c747dc290d2357068178d0e68f6e30ac1ccd03ee9147
- SSDEEP
  
  12288:a2sZ4qc4QgqQ3Tr4uVQfJkusQzqO01TrNzPRHQ:a2sZ4cQgqQ3kVm1TJzpw
Score

10^/10

redline trush infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinetrushinfostealer

behavioral2

redlinetrushinfostealer