Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    j0377021.exe

  • Size

    390KB

  • Sample

    231004-hycz3shg7z

  • MD5

    5400ef9b599b97241b92c86f3dbd4cfd

  • SHA1

    c1f2456bc1bd87ca2202be79a8e5849e91d99dd1

  • SHA256

    eb104ce924ac2c526c482db13312aa44ad634b3b934de628b5e0d4b2b1d60146

  • SHA512

    c4d72a3063da664b87d7cb94d4a7e43ea62ec541b68e4ba79622292a9d46355d12a7677a08257358e4793187a944595fd164307fcaabfdd311cecbf22933e630

  • SSDEEP

    6144:jhXFo/N5ExgFbNOUAHEHIXbLvZAOSu5rud2lXnr5QfjMrAcVs0BC+:DwDExgFY5vx0uy2lGwrA4s0BC+

Score
10/10
redlinegruhainfostealer

Malware Config

Extracted

Family

redline

Botnet

gruha

C2

77.91.124.55:19071

Attributes
  • auth_value

    2f4cf2e668a540e64775b27535cc6892

Targets

    • Target

      j0377021.exe

    • Size

      390KB

    • MD5

      5400ef9b599b97241b92c86f3dbd4cfd

    • SHA1

      c1f2456bc1bd87ca2202be79a8e5849e91d99dd1

    • SHA256

      eb104ce924ac2c526c482db13312aa44ad634b3b934de628b5e0d4b2b1d60146

    • SHA512

      c4d72a3063da664b87d7cb94d4a7e43ea62ec541b68e4ba79622292a9d46355d12a7677a08257358e4793187a944595fd164307fcaabfdd311cecbf22933e630

    • SSDEEP

      6144:jhXFo/N5ExgFbNOUAHEHIXbLvZAOSu5rud2lXnr5QfjMrAcVs0BC+:DwDExgFY5vx0uy2lGwrA4s0BC+

    Score
    10/10
    redlinegruhainfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks