Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    406KB

  • Sample

    231013-1dg3eadc76

  • MD5

    7d674378f456d6af50892dcd7a9ef7d5

  • SHA1

    37c7a3d933b6d91f71f720622eb4ecdd125a0443

  • SHA256

    0af6821bfe730759d049249d66b09f8b0ba6cae5c5d774ac229b4811b14f7e89

  • SHA512

    623aaa5dcd0725e63dd05dc2f341955f1e19df007541eab2f64a7df7391fe2d5a697f3c23d6b739396de0214cf5e32212d9c7a6243d34e1bc040394f0472f5c9

  • SSDEEP

    6144:wAPkUNR+2moeZhHF8pf7wKK4BAOCrN1ksqjMQ48JP3MFOY/PjRTOBS:wlUNR+2yUK4BcrNusqjxnCF7FTOBS

Score
10/10
redlinesmokiezinfostealer

Malware Config

Extracted

Family

redline

Botnet

smokiez

C2

194.169.175.232:45450

Attributes
  • auth_value

    7b7d8a036038ab89b98f422d559b4f8f

Targets

    • Target

      file.exe

    • Size

      406KB

    • MD5

      7d674378f456d6af50892dcd7a9ef7d5

    • SHA1

      37c7a3d933b6d91f71f720622eb4ecdd125a0443

    • SHA256

      0af6821bfe730759d049249d66b09f8b0ba6cae5c5d774ac229b4811b14f7e89

    • SHA512

      623aaa5dcd0725e63dd05dc2f341955f1e19df007541eab2f64a7df7391fe2d5a697f3c23d6b739396de0214cf5e32212d9c7a6243d34e1bc040394f0472f5c9

    • SSDEEP

      6144:wAPkUNR+2moeZhHF8pf7wKK4BAOCrN1ksqjMQ48JP3MFOY/PjRTOBS:wlUNR+2yUK4BcrNusqjxnCF7FTOBS

    Score
    10/10
    redlinesmokiezinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks