redline | a8214be6431a029a423403db367166fb218a51c68b08027d204074e4d8aa7b51 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

a8214be6431a029a423403db367166fb218a51c68b08027d204074e4d8aa7b51
Size

414KB
Sample

231114-yz75lsff84
MD5

8df2641a982d5c42b1a26aad3c9b88fc
SHA1

c03a470acefdc61412d5b25d57b57eceef898d0d
SHA256

a8214be6431a029a423403db367166fb218a51c68b08027d204074e4d8aa7b51
SHA512

b0205b47364f3f339892bd388b0ceb7c6cca468e04db896e9a5b6371c2039d4167cbbaf4c14f8aedb16a0283b0925e79ead6e4f1993b0f56b3b8378ce6637d13
SSDEEP

6144:NlUnkAlR2SaOmUPvbeAOiTY5kJZXfLPm2vEpy5Us420tfxul:YnkaR2Vke9SXXDPloy5Tufk

Score

10^/10

redline taiga infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a8214be6431a029a423403db367166fb218a51c68b08027d204074e4d8aa7b51.exe

Resource

win10v2004-20231023-en

redline taiga infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

taiga

C2

5.42.92.51:19057

Targets

- Target
  
  a8214be6431a029a423403db367166fb218a51c68b08027d204074e4d8aa7b51
- Size
  
  414KB
- MD5
  
  8df2641a982d5c42b1a26aad3c9b88fc
- SHA1
  
  c03a470acefdc61412d5b25d57b57eceef898d0d
- SHA256
  
  a8214be6431a029a423403db367166fb218a51c68b08027d204074e4d8aa7b51
- SHA512
  
  b0205b47364f3f339892bd388b0ceb7c6cca468e04db896e9a5b6371c2039d4167cbbaf4c14f8aedb16a0283b0925e79ead6e4f1993b0f56b3b8378ce6637d13
- SSDEEP
  
  6144:NlUnkAlR2SaOmUPvbeAOiTY5kJZXfLPm2vEpy5Us420tfxul:YnkaR2Vke9SXXDPloy5Tufk
Score

10^/10

redline taiga infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinetaigainfostealer

© 2018-2024

Terms | Privacy