General

  • Target

    Windows.exe

  • Size

    700.4MB

  • Sample

    240219-tp63cagc29

  • MD5

    83334905c465eb76d437ad3a52eb5050

  • SHA1

    3537c9d40e63bba29bce8056746de556ed0a8eea

  • SHA256

    8ceb1edb1d8424f9d05a23f5d1410eed9a4ac63f0ec18ad62a82cb654fb45a8d

  • SHA512

    650b91d81afb6a80584e4f243ae80ac12d59963b5afcad86c8fd4206c56dceec2f42a6a94b26e55d79d109f6cd6061e97d4c48945febeba1085efbe81ac53bb0

  • SSDEEP

    6144:io+LQbpY1c3hJKbcxghqvIf8Ac/qdBhLGGGJzm8Ul/lxj:yqeNc2f8AnBIJXAD

Score
10/10

Malware Config

Extracted

  • Family

    redline

  • Botnet

    k1

  • C2

    79.137.207.219:12330

Attributes
  • auth_value

    2321c22c2f5b841869ea170ec5148cbc

Targets

    • Target

      Windows.exe

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Uses the VBS compiler for execution: the sample starts the .NET Visual Basic compiler, vbc.exe, which has nothing to compile here and is used only as a signed Microsoft host process for the payload

    • Suspicious use of SetThreadContext: taken together with the previous signature this is the process-hollowing pattern, in which the host process is created suspended, its image is replaced with the payload, and the main thread's context is pointed at the new entry point before the thread is resumed
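The two things an analyst usually wants to do with a report like this are turn the extracted C2 into a network detection and turn the hollowing signatures into a host detection. The script below is an added example, not part of the sandbox report or any vendor tooling. It runs offline over a handful of Sysmon-style `key=value` event lines that are constructed for illustration (EventID 1 is process creation, EventID 3 is a network connection) and raises a finding for a connection to the extracted C2 `79.137.207.219:12330`, for a process whose hash matches the sample, and for vbc.exe being launched with no compiler arguments by something other than a build tool. The latter is the observable proxy for the hollowing sequence described above: Sysmon does not record SetThreadContext, but a compiler started with nothing to compile is not a compiler. Treating csc.exe, RegAsm.exe, RegSvcs.exe and InstallUtil.exe the same way as vbc.exe is a generalisation beyond the report, and the build-tool parent list is an assumption.

```python
"""Detections derived from a RedLine sandbox report (added example)."""
from __future__ import annotations

import re
import shlex
from dataclasses import dataclass

# Indicators taken from the report above.
C2_ENDPOINTS = {("79.137.207.219", "12330")}   # RedLine botnet "k1"
SAMPLE_SHA256 = "8ceb1edb1d8424f9d05a23f5d1410eed9a4ac63f0ec18ad62a82cb654fb45a8d"

# vbc.exe is the host named by the report's signature; the other .NET
# framework tools are an assumption (generalisation): signed Microsoft
# binaries that loaders can start suspended and overwrite the same way.
HOLLOW_HOSTS = {"vbc.exe", "csc.exe", "regasm.exe", "regsvcs.exe", "installutil.exe"}
# Parents for which a compiler launch is expected (assumption).
BUILD_PARENTS = {"msbuild.exe", "devenv.exe", "dotnet.exe"}

# Constructed Sysmon-style event lines; paths, user and the 203.0.113.10
# destination are made up, the C2 and hash come from the report.
EVENTS = r"""
EventID=1 Image=C:\Users\alice\Downloads\Windows.exe ParentImage=C:\Windows\explorer.exe CommandLine=C:\Users\alice\Downloads\Windows.exe Hashes=SHA256=8ceb1edb1d8424f9d05a23f5d1410eed9a4ac63f0ec18ad62a82cb654fb45a8d
EventID=1 Image=C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe ParentImage=C:\Users\alice\Downloads\Windows.exe CommandLine=C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
EventID=3 Image=C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe DestinationIp=79.137.207.219 DestinationPort=12330 Protocol=tcp
EventID=1 Image=C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe ParentImage=C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe CommandLine="C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe /noconfig @C:\Temp\build.rsp"
EventID=3 Image="C:\Program Files\Mozilla Firefox\firefox.exe" DestinationIp=203.0.113.10 DestinationPort=443 Protocol=tcp
"""

# key=value pairs; a double-quoted value may contain spaces.
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


@dataclass(frozen=True)
class Finding:
    rule: str
    image: str
    detail: str


def parse_event(line: str) -> dict:
    """Turn one key=value event line into a dict, dropping surrounding quotes."""
    return {k: v.strip('"') for k, v in FIELD_RE.findall(line)}


def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def argument_count(cmdline: str) -> int:
    """Arguments after the executable; a quoted path with spaces is one token.
    posix=False keeps Windows backslashes and quoted segments intact."""
    tokens = shlex.split(cmdline, posix=False)
    return max(len(tokens) - 1, 0)


def check_event(ev: dict) -> list[Finding]:
    out: list[Finding] = []
    image = basename(ev.get("Image", ""))
    if ev.get("EventID") == "1":
        if SAMPLE_SHA256 in ev.get("Hashes", "").lower():
            out.append(Finding("known_redline_sample", image, "sha256 match"))
        if image in HOLLOW_HOSTS:
            parent = basename(ev.get("ParentImage", ""))
            # A compiler with nothing to compile, spawned by a non-build
            # parent, is the visible half of hollowing; SetThreadContext
            # itself never appears in Sysmon.
            if argument_count(ev.get("CommandLine", "")) == 0 and parent not in BUILD_PARENTS:
                out.append(Finding("hollow_host_no_args", image, f"parent={parent}"))
    elif ev.get("EventID") == "3":
        dst = (ev.get("DestinationIp"), ev.get("DestinationPort"))
        if dst in C2_ENDPOINTS:
            out.append(Finding("redline_c2_k1", image, "%s:%s" % dst))
    return out


def detect(log: str) -> list[Finding]:
    """Run every check over every non-empty line, preserving log order."""
    return [f for line in log.splitlines() if line.strip()
            for f in check_event(parse_event(line))]


if __name__ == "__main__":
    for f in detect(EVENTS):
        print(f"{f.rule:22} {f.image:12} {f.detail}")
```

On the constructed log this produces three findings in order: the hash match on Windows.exe, the argument-less vbc.exe child of Windows.exe, and the vbc.exe connection to the C2; the MSBuild-driven vbc.exe run with a response file and the browser connection stay silent. Matching on the C2 alone is brittle, since RedLine operators rotate IP:port frequently, which is why the hollow-host rule is the one worth keeping after this particular C2 goes dark.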

MITRE ATT&CK Enterprise v15

Tasks