redline | 1327f6d2be1f9ec0e2bef78ffb5a702b1a5249e4e7cea43e0012aebf1cb8c669 | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

4aw602SF.exe
Size

459KB
Sample

231010-bcllrshe7t
MD5

f807505c12a33b65b08e46eef6408959
SHA1

49813fdcd432b333f296421a2dbf867506363626
SHA256

1327f6d2be1f9ec0e2bef78ffb5a702b1a5249e4e7cea43e0012aebf1cb8c669
SHA512

4df7bf7aaa4f1a409032c3e2e1cce183b707b70219b62d54af7fdccb6e5b7f78ae67727ee4bc6c30e044cb0f6535b155d1834ad3e3120eef7fdba82740919179
SSDEEP

6144:4vRHImfMPTjdJUINv8nqBJY5FAOtOjHXfSxrviJxekGQYto/vHYjB4rSPjIEtN3:4vCmETjbJ3mTOjHvSxrviukGftgvHhG3

Score

10^/10

redline frant infostealer

Static task

static1

Behavioral task

behavioral1

Sample

4aw602SF.exe

Resource

win7-20230831-en

redline frant infostealer

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

4aw602SF.exe

Resource

win10-20230915-en

redline frant infostealer

windows10-1703-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

frant

C2

77.91.124.55:19071

Targets

- Target
  
  4aw602SF.exe
- Size
  
  459KB
- MD5
  
  f807505c12a33b65b08e46eef6408959
- SHA1
  
  49813fdcd432b333f296421a2dbf867506363626
- SHA256
  
  1327f6d2be1f9ec0e2bef78ffb5a702b1a5249e4e7cea43e0012aebf1cb8c669
- SHA512
  
  4df7bf7aaa4f1a409032c3e2e1cce183b707b70219b62d54af7fdccb6e5b7f78ae67727ee4bc6c30e044cb0f6535b155d1834ad3e3120eef7fdba82740919179
- SSDEEP
  
  6144:4vRHImfMPTjdJUINv8nqBJY5FAOtOjHXfSxrviJxekGQYto/vHYjB4rSPjIEtN3:4vCmETjbJ3mTOjHvSxrviukGftgvHhG3
Score

10^/10

redline frant infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinefrantinfostealer

behavioral2

redlinefrantinfostealer

© 2018-2024

Terms | Privacy