Overview

overview

10

Static

static

3

Installer-...3o.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Installer-Master_v8.3o.exe

  • Size

    65.8MB

  • Sample

    240404-f6w2tagd49

  • MD5

    353000456aeb99f0a64d77380315889a

  • SHA1

    29aa10a5afb52fb29acd223adfe61516d9a1ec33

  • SHA256

    104b1ab313ef8e426b4beb79c9c252c063488c66cf722906e81163bab875d414

  • SHA512

    839b979c7b74c2005fe366d652e55b7bfcab8ecefbdcf03866a03320a7f93340d57cc332d057274b31e149aa6a00c2c29c9a89cd8b3f1a9d869dec5b8a4fd2d3

  • SSDEEP

    1572864:ETelkQytjjeRAeV2VKxE8tU3YaevbpuYl1ddnmmFUw:Ed9jeRALb8tU3YnFma

Score
10/10
redline2infostealer

Malware Config

Extracted

Family

redline

Botnet

2

C2

193.233.132.32:38976

Targets

    • Target

      Installer-Master_v8.3o.exe

    • Size

      65.8MB

    • MD5

      353000456aeb99f0a64d77380315889a

    • SHA1

      29aa10a5afb52fb29acd223adfe61516d9a1ec33

    • SHA256

      104b1ab313ef8e426b4beb79c9c252c063488c66cf722906e81163bab875d414

    • SHA512

      839b979c7b74c2005fe366d652e55b7bfcab8ecefbdcf03866a03320a7f93340d57cc332d057274b31e149aa6a00c2c29c9a89cd8b3f1a9d869dec5b8a4fd2d3

    • SSDEEP

      1572864:ETelkQytjjeRAeV2VKxE8tU3YaevbpuYl1ddnmmFUw:Ed9jeRALb8tU3YnFma

    Score
    10/10
    redline2infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks