Overview

overview

10

Static

static

1

91dbfe7238...6a.exe

windows7-x64

10

91dbfe7238...6a.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    91dbfe72385a7c89f33fe14789aa5e6a.exe

  • Size

    462KB

  • Sample

    231010-mxtzeseh69

  • MD5

    91dbfe72385a7c89f33fe14789aa5e6a

  • SHA1

    60b1bb7622fd58890501c9c74403261694defebc

  • SHA256

    665ac8b973160c841d3fcddedf5396f7f478ca240fe6964a58c3ab4bb0f25490

  • SHA512

    2051f55188dcfb37ee9df5e917e29c268ddf88c2dab458b413428fe3b2baaa20faba0e052f631b5678a29f342b6137417b72971c1cc2774b5b4ade6fc6dd42ae

  • SSDEEP

    6144:YDNfOeSautmOs+Vlw/CHCUfbyaJAOOWGarzFV7DpLdQGBIuabyG2F9yEYCD62aXI:YDNWRautmOnXCbaJbGCKbyDF9utnMr6S

Score
10/10
redlinemagiainfostealer

Malware Config

Extracted

Family

redline

Botnet

magia

C2

77.91.124.55:19071

Targets

    • Target

      91dbfe72385a7c89f33fe14789aa5e6a.exe

    • Size

      462KB

    • MD5

      91dbfe72385a7c89f33fe14789aa5e6a

    • SHA1

      60b1bb7622fd58890501c9c74403261694defebc

    • SHA256

      665ac8b973160c841d3fcddedf5396f7f478ca240fe6964a58c3ab4bb0f25490

    • SHA512

      2051f55188dcfb37ee9df5e917e29c268ddf88c2dab458b413428fe3b2baaa20faba0e052f631b5678a29f342b6137417b72971c1cc2774b5b4ade6fc6dd42ae

    • SSDEEP

      6144:YDNfOeSautmOs+Vlw/CHCUfbyaJAOOWGarzFV7DpLdQGBIuabyG2F9yEYCD62aXI:YDNWRautmOnXCbaJbGCKbyDF9utnMr6S

    Score
    10/10
    redlinemagiainfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks