Overview

overview

10

Static

static

3

5d91e8981a...f4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d91e8981afa83b6a1024a7b8428fc677de01255894543fb5eae3ec15ca386f4

  • Size

    565KB

  • Sample

    241109-zmllhs1mbx

  • MD5

    6974b7b5f89ee43f4ea4c0bfa4fb0006

  • SHA1

    07ab9519ffeca0b4c5d679bb5aea3b350d61eecd

  • SHA256

    5d91e8981afa83b6a1024a7b8428fc677de01255894543fb5eae3ec15ca386f4

  • SHA512

    dff51e154c9545dfd6e2b635b57a5120a4be7c20496e339e6f3b5d380e5071bc5947c50a5235704fa40018340a175b1fc9ead986e49187f5a8fd4471c167afb5

  • SSDEEP

    12288:0MrFy90fvf59fVV9yFmuZ4ZDWX5GiCE5nYCp2O:xy+rcJJCSd

Score
10/10
redlinedarmdiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes
  • auth_value

    d88ac8ccc04ab9979b04b46313db1648

Targets

    • Target

      5d91e8981afa83b6a1024a7b8428fc677de01255894543fb5eae3ec15ca386f4

    • Size

      565KB

    • MD5

      6974b7b5f89ee43f4ea4c0bfa4fb0006

    • SHA1

      07ab9519ffeca0b4c5d679bb5aea3b350d61eecd

    • SHA256

      5d91e8981afa83b6a1024a7b8428fc677de01255894543fb5eae3ec15ca386f4

    • SHA512

      dff51e154c9545dfd6e2b635b57a5120a4be7c20496e339e6f3b5d380e5071bc5947c50a5235704fa40018340a175b1fc9ead986e49187f5a8fd4471c167afb5

    • SSDEEP

      12288:0MrFy90fvf59fVV9yFmuZ4ZDWX5GiCE5nYCp2O:xy+rcJJCSd

    Score
    10/10
    redlinedarmdiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks