redline | c42efcd5f53c75f36a6ed5c8f8be82359b848285ffb0fc5acc12fbd625c7028e | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

4IN797WF.exe
Size

459KB
Sample

231010-bdsfpsbf42
MD5

a38ce3e2dc246d8e40f95186737c588f
SHA1

87eb3f865fdd506f345d1d586f4d8c4d490f669a
SHA256

c42efcd5f53c75f36a6ed5c8f8be82359b848285ffb0fc5acc12fbd625c7028e
SHA512

9b6dec7f0eaae988f522ec927e0082dd03ead7605387c52d6184ee899154c85e9f180622b7ca32377a9e9a0b1972e24131e0a47e2b27797c55736b25261d27c9
SSDEEP

6144:+fqhmbDPM4jjdpvIN8fp7z5BAOiU/Eiz/1mub3+pb4cu9bRl/R+oY0X:+fqaDPjjb/kU/DmubOpb4cGbRrX

Score

10^/10

redline frant infostealer

Static task

static1

Behavioral task

behavioral1

Sample

4IN797WF.exe

Resource

win7-20230831-en

redline frant infostealer

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

4IN797WF.exe

Resource

win10-20230915-en

redline frant infostealer

windows10-1703-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

frant

C2

77.91.124.55:19071

Targets

- Target
  
  4IN797WF.exe
- Size
  
  459KB
- MD5
  
  a38ce3e2dc246d8e40f95186737c588f
- SHA1
  
  87eb3f865fdd506f345d1d586f4d8c4d490f669a
- SHA256
  
  c42efcd5f53c75f36a6ed5c8f8be82359b848285ffb0fc5acc12fbd625c7028e
- SHA512
  
  9b6dec7f0eaae988f522ec927e0082dd03ead7605387c52d6184ee899154c85e9f180622b7ca32377a9e9a0b1972e24131e0a47e2b27797c55736b25261d27c9
- SSDEEP
  
  6144:+fqhmbDPM4jjdpvIN8fp7z5BAOiU/Eiz/1mub3+pb4cu9bRl/R+oY0X:+fqaDPjjb/kU/DmubOpb4cGbRrX
Score

10^/10

redline frant infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinefrantinfostealer

behavioral2

redlinefrantinfostealer

© 2018-2024

Terms | Privacy