General

  • Target

    a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5

  • Size

    4.6MB

  • Sample

    240319-xkjm2acg8t

  • MD5

    cf8a20b11ce9cf757bfaf49bd93ac524

  • SHA1

    e349ecb0e296bb830f1b6495b003062c299c4016

  • SHA256

    a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5

  • SHA512

    a46ecf6435515de574074790696a19abdaea81b85d5d7dc6d3d0138cf75d4916acd500639889770dfc9a8de3f499cd39d86958bf46e47ded0a9227029fe7f73a

  • SSDEEP

    49152:0+0uIwxes1V4MvtSMKJD50BIaVhzh2jmlGGODZ6LSjG9oSyTXYUkqOedG9ilud7x:08CMOJmBIqV2CENVlSyMqZ4iQd7x

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

vic

C2

91.92.241.115:12393

Targets

    • Target

      a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5

    • Size

      4.6MB

    • MD5

      cf8a20b11ce9cf757bfaf49bd93ac524

    • SHA1

      e349ecb0e296bb830f1b6495b003062c299c4016

    • SHA256

      a3fa2ab4e84d4ea0a272962535016b660eb797bb2210e747d28a51a024a3e6c5

    • SHA512

      a46ecf6435515de574074790696a19abdaea81b85d5d7dc6d3d0138cf75d4916acd500639889770dfc9a8de3f499cd39d86958bf46e47ded0a9227029fe7f73a

    • SSDEEP

      49152:0+0uIwxes1V4MvtSMKJD50BIaVhzh2jmlGGODZ6LSjG9oSyTXYUkqOedG9ilud7x:08CMOJmBIqV2CENVlSyMqZ4iQd7x

    Score
    10/10

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks