redline | f251a7055b834690efbfb0d7d758533c7a57628fdfd3a2220f5e522e8376696b | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Sharing

General

Target

f251a7055b834690efbfb0d7d758533c7a57628fdfd3a2220f5e522e8376696b
Size

414KB
Sample

231114-qqfp1ace9w
MD5

7b20f74b9b69a877037765a7fb44fcec
SHA1

cc9832ad1c3466abea26c13c3eb57d3e28974970
SHA256

f251a7055b834690efbfb0d7d758533c7a57628fdfd3a2220f5e522e8376696b
SHA512

fe8f7c6053c94ce44a0687245826d0639c46efcde6edc3561057ae1bb21462e271315bd98d6b07e758797682cc88c3b617df0a7f9d2af12b52552ab8bb296dc4
SSDEEP

12288:QiUBuelnknoRNqsnLp70vaRKeQYn97U5C1t:aBpFgvaR597

Score

10^/10

redline taiga infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f251a7055b834690efbfb0d7d758533c7a57628fdfd3a2220f5e522e8376696b.exe

Resource

win10-20231020-en

redline taiga infostealer

windows10-1703-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

taiga

C2

5.42.92.51:19057

Targets

- Target
  
  f251a7055b834690efbfb0d7d758533c7a57628fdfd3a2220f5e522e8376696b
- Size
  
  414KB
- MD5
  
  7b20f74b9b69a877037765a7fb44fcec
- SHA1
  
  cc9832ad1c3466abea26c13c3eb57d3e28974970
- SHA256
  
  f251a7055b834690efbfb0d7d758533c7a57628fdfd3a2220f5e522e8376696b
- SHA512
  
  fe8f7c6053c94ce44a0687245826d0639c46efcde6edc3561057ae1bb21462e271315bd98d6b07e758797682cc88c3b617df0a7f9d2af12b52552ab8bb296dc4
- SSDEEP
  
  12288:QiUBuelnknoRNqsnLp70vaRKeQYn97U5C1t:aBpFgvaR597
Score

10^/10

redline taiga infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinetaigainfostealer

© 2018-2024

Terms | Privacy