redline | 20baa00e2153312c1a8934f2207f20118f4121c70d93c29dd11606e901a1c184 | Triage

Submit
Reports

Overview

overview

Static

static

0x00060000...00.exe

windows7-x64

0x00060000...00.exe

windows10-2004-x64

Sharing

General

Target

0x00060000000142d2-2300.dat
Size

168KB
Sample

240305-klzz7aah2z
MD5

9eb608b7b14f527df2d7cab8a543ad09
SHA1

e8cc65dc6d070bd1d7f7c873dce002c4fba6abeb
SHA256

20baa00e2153312c1a8934f2207f20118f4121c70d93c29dd11606e901a1c184
SHA512

bdfc6fea13d0ee406f53c1a681b2f904aaf25ca64dc89321a078aef76a3252f16bf1f16222ffe36beb93c022df91876d29cc9785dbd6576f0a340099c6ef1482
SSDEEP

1536:yiwRHYqlVZRGW6zgHr4Y4JxMGztAxzbTGqV+buUngUtWfD5383wYkF8e8hP:WJIHlbWMqVKIdD53X8e8hP

Score

10^/10

redline diza infostealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

0x00060000000142d2-2300.exe

Resource

win7-20240221-en

redline diza infostealer

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x00060000000142d2-2300.exe

Resource

win10v2004-20240226-en

redline diza infostealer

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

diza

C2

185.161.248.150:4128

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Targets

- Target
  
  0x00060000000142d2-2300.dat
- Size
  
  168KB
- MD5
  
  9eb608b7b14f527df2d7cab8a543ad09
- SHA1
  
  e8cc65dc6d070bd1d7f7c873dce002c4fba6abeb
- SHA256
  
  20baa00e2153312c1a8934f2207f20118f4121c70d93c29dd11606e901a1c184
- SHA512
  
  bdfc6fea13d0ee406f53c1a681b2f904aaf25ca64dc89321a078aef76a3252f16bf1f16222ffe36beb93c022df91876d29cc9785dbd6576f0a340099c6ef1482
- SSDEEP
  
  1536:yiwRHYqlVZRGW6zgHr4Y4JxMGztAxzbTGqV+buUngUtWfD5383wYkF8e8hP:WJIHlbWMqVKIdD53X8e8hP
Score

10^/10

redline diza infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinedizainfostealer

behavioral2

redlinedizainfostealer

© 2018-2024

Terms | Privacy