Overview

overview

10

Static

static

3

aa0868fe92...aa.exe

windows7-x64

10

aa0868fe92...aa.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aa0868fe928831bc760d4515ea5875190aba1a4da6164d9c8874c5abfd750caa

  • Size

    371KB

  • Sample

    241108-bx88ka1ngw

  • MD5

    48aeebbf620a4ffa88ad00ce62c6997e

  • SHA1

    5a329cdb911b4156e32dabe563ffdb37390dda8b

  • SHA256

    aa0868fe928831bc760d4515ea5875190aba1a4da6164d9c8874c5abfd750caa

  • SHA512

    d86ca17298e0e3b8308eab21d35f48f427c8d88c9c6c3000fb311c3891e55cecdfc55c46f34bef3e004310350f13b8d75c94529e2901bbbf8ef3d9d9af956674

  • SSDEEP

    6144:I1c95HIATYxl4z3GTkAe0YnGDw2IKcO/w+XiILU6dqb7ITsqXigaXwVfi:I1c95H7TYrCYkAepCw2oOI4kL7R

Score
10/10
redline1discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes
  • auth_value

    ec6ada170bcec2e72f0e1f3954547f73

Targets

    • Target

      aa0868fe928831bc760d4515ea5875190aba1a4da6164d9c8874c5abfd750caa

    • Size

      371KB

    • MD5

      48aeebbf620a4ffa88ad00ce62c6997e

    • SHA1

      5a329cdb911b4156e32dabe563ffdb37390dda8b

    • SHA256

      aa0868fe928831bc760d4515ea5875190aba1a4da6164d9c8874c5abfd750caa

    • SHA512

      d86ca17298e0e3b8308eab21d35f48f427c8d88c9c6c3000fb311c3891e55cecdfc55c46f34bef3e004310350f13b8d75c94529e2901bbbf8ef3d9d9af956674

    • SSDEEP

      6144:I1c95HIATYxl4z3GTkAe0YnGDw2IKcO/w+XiILU6dqb7ITsqXigaXwVfi:I1c95H7TYrCYkAepCw2oOI4kL7R

    Score
    10/10
    redline1discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks