redline | f1626105054686b8af41da05be026b6c8bfb9b9dc052e7c32b79193472f1ceba | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

4oE045Hr.exe
Size

459KB
Sample

231010-fpkbpaba41
MD5

0f9bf0eeeae62f42f1e7f735706d1a14
SHA1

efd2514c4d6c7e6ce1f39008fafe3bcb8b12408e
SHA256

f1626105054686b8af41da05be026b6c8bfb9b9dc052e7c32b79193472f1ceba
SHA512

8aafdb85d2a4ca093ab4e0de6601f2a00e04413079b58fb5e0ab710fb3edb1d54796c3b30c6502f626e326c46d322616c7ba195385f4e2ee3158f9dcf361da27
SSDEEP

6144:IfThnbDPM4jjdpvIN8fp7z5BAOgfFHN6DEvQiCD8S40X:IfTVDPjjb/+fpNs3dRNX

Score

10^/10

redline frant infostealer

Static task

static1

Behavioral task

behavioral1

Sample

4oE045Hr.exe

Resource

win7-20230831-en

redline frant infostealer

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

4oE045Hr.exe

Resource

win10-20230915-en

redline frant infostealer

windows10-1703-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

frant

C2

77.91.124.55:19071

Targets

- Target
  
  4oE045Hr.exe
- Size
  
  459KB
- MD5
  
  0f9bf0eeeae62f42f1e7f735706d1a14
- SHA1
  
  efd2514c4d6c7e6ce1f39008fafe3bcb8b12408e
- SHA256
  
  f1626105054686b8af41da05be026b6c8bfb9b9dc052e7c32b79193472f1ceba
- SHA512
  
  8aafdb85d2a4ca093ab4e0de6601f2a00e04413079b58fb5e0ab710fb3edb1d54796c3b30c6502f626e326c46d322616c7ba195385f4e2ee3158f9dcf361da27
- SSDEEP
  
  6144:IfThnbDPM4jjdpvIN8fp7z5BAOgfFHN6DEvQiCD8S40X:IfTVDPjjb/+fpNs3dRNX
Score

10^/10

redline frant infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinefrantinfostealer

behavioral2

redlinefrantinfostealer

© 2018-2024

Terms | Privacy