redline | ec53e2555605c5424630d394f6b11677be607c4060ea5772b4afd9ed4f0f94c7 | Triage

Sharing

General

Target

ec53e2555605c5424630d394f6b11677be607c4060ea5772b4afd9ed4f0f94c7exe_JC.exe
Size

393KB
Sample

231012-1hatwsde87
MD5

58fa69cdac0d6b16bfbd5523944b4d93
SHA1

e88e831be4e2e2d600ed99e3857839b08bbf74da
SHA256

ec53e2555605c5424630d394f6b11677be607c4060ea5772b4afd9ed4f0f94c7
SHA512

3acf583aa105e3c01bc67eabe907f3a23223ee3473d48a8cc9722a37311d3ff4d46604f49ae8bed25348cf7afdb8715c75b7386dd7a66745a4673052bab493c7
SSDEEP

6144:UAcaGEZt20ZSwbz8+Dxe8kVAOnlGlIlFeDrVnZiYfFqOiTbqwNhgwEapoGh8Ey:UAFzZtT78T1wIl8TndYRhh8Ey

Score

10^/10

redline smokiez infostealer

Malware Config

Extracted

Family

redline

Botnet

smokiez

C2

194.169.175.232:45450

Attributes

auth_value
7b7d8a036038ab89b98f422d559b4f8f

Targets

- Target
  
  ec53e2555605c5424630d394f6b11677be607c4060ea5772b4afd9ed4f0f94c7exe_JC.exe
- Size
  
  393KB
- MD5
  
  58fa69cdac0d6b16bfbd5523944b4d93
- SHA1
  
  e88e831be4e2e2d600ed99e3857839b08bbf74da
- SHA256
  
  ec53e2555605c5424630d394f6b11677be607c4060ea5772b4afd9ed4f0f94c7
- SHA512
  
  3acf583aa105e3c01bc67eabe907f3a23223ee3473d48a8cc9722a37311d3ff4d46604f49ae8bed25348cf7afdb8715c75b7386dd7a66745a4673052bab493c7
- SSDEEP
  
  6144:UAcaGEZt20ZSwbz8+Dxe8kVAOnlGlIlFeDrVnZiYfFqOiTbqwNhgwEapoGh8Ey:UAFzZtT78T1wIl8TndYRhh8Ey
Score

10^/10

redline smokiez infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesmokiezinfostealer

behavioral2

redlinesmokiezinfostealer