Overview

overview

10

Static

static

3

b3267fe443...c1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b3267fe44359c95ead6f29f956e959b3ff40c52c855e96a1134fb4cb5b93b6c1

  • Size

    480KB

  • Sample

    241108-vkfv2awdjj

  • MD5

    66cb17ce6aa2a4f53a4e729dfc916202

  • SHA1

    0a1be21785697d367a44c0cb65f20ae2adbe2af9

  • SHA256

    b3267fe44359c95ead6f29f956e959b3ff40c52c855e96a1134fb4cb5b93b6c1

  • SHA512

    a4679bed7b55b0eb04fee4e7b17d2a5f2c9c4ed67d70bc0e0b75a00e4068f8f70401465205323a06e5da789a837773b457c7ed5db624dbbc9240c3aaad4c6d55

  • SSDEEP

    12288:jMruy90VrmM4qb9fR4BJXMBqCBQw6+RbLoZS:hyGmmb92BJXQqlTiLOS

Score
10/10
redlinefukiadiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

fukia

C2

193.233.20.13:4136

Attributes
  • auth_value

    e5783636fbd9e4f0cf9a017bce02e67e

Targets

    • Target

      b3267fe44359c95ead6f29f956e959b3ff40c52c855e96a1134fb4cb5b93b6c1

    • Size

      480KB

    • MD5

      66cb17ce6aa2a4f53a4e729dfc916202

    • SHA1

      0a1be21785697d367a44c0cb65f20ae2adbe2af9

    • SHA256

      b3267fe44359c95ead6f29f956e959b3ff40c52c855e96a1134fb4cb5b93b6c1

    • SHA512

      a4679bed7b55b0eb04fee4e7b17d2a5f2c9c4ed67d70bc0e0b75a00e4068f8f70401465205323a06e5da789a837773b457c7ed5db624dbbc9240c3aaad4c6d55

    • SSDEEP

      12288:jMruy90VrmM4qb9fR4BJXMBqCBQw6+RbLoZS:hyGmmb92BJXQqlTiLOS

    Score
    10/10
    redlinefukiadiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks