redline | 96692550fc4f3d468a0d8ad1286cd72d28ccb8fb5f776c62c07cede58da03911 | Triage

Sharing

General

Target

96692550fc4f3d468a0d8ad1286cd72d28ccb8fb5f776c62c07cede58da03911_JC.exe
Size

380KB
Sample

231011-g6dqxaeh3v
MD5

96c64a07dd766bd28df04bc6279d234d
SHA1

24d7570031a0303c4854051893a11165a10f3059
SHA256

96692550fc4f3d468a0d8ad1286cd72d28ccb8fb5f776c62c07cede58da03911
SHA512

ddc9e0d5510aa52a3fb6b6ddd723fa64a8c214a058abf0d3e6f3e3d3548b170b19d30673ef16ed6e87b6806ce535c9607f24225a7bd9b3bb06131f06771669da
SSDEEP

6144:iNCWVTxu4YKkt4HDw93MmAOTRoo4mYxWpjuNN1zzjIkeN3viKC:iNLxu4YKLmXbNYxWYNN1zzjmiKC

Score

10^/10

redline gruha infostealer

Malware Config

Extracted

Family

redline

Botnet

gruha

C2

77.91.124.55:19071

Attributes

auth_value
2f4cf2e668a540e64775b27535cc6892

Targets

- Target
  
  96692550fc4f3d468a0d8ad1286cd72d28ccb8fb5f776c62c07cede58da03911_JC.exe
- Size
  
  380KB
- MD5
  
  96c64a07dd766bd28df04bc6279d234d
- SHA1
  
  24d7570031a0303c4854051893a11165a10f3059
- SHA256
  
  96692550fc4f3d468a0d8ad1286cd72d28ccb8fb5f776c62c07cede58da03911
- SHA512
  
  ddc9e0d5510aa52a3fb6b6ddd723fa64a8c214a058abf0d3e6f3e3d3548b170b19d30673ef16ed6e87b6806ce535c9607f24225a7bd9b3bb06131f06771669da
- SSDEEP
  
  6144:iNCWVTxu4YKkt4HDw93MmAOTRoo4mYxWpjuNN1zzjIkeN3viKC:iNLxu4YKLmXbNYxWYNN1zzjmiKC
Score

10^/10

redline gruha infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinegruhainfostealer

behavioral2

redlinegruhainfostealer