Overview

overview

10

Static

static

3

0cebb90e26...ba.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0cebb90e26b7ed9e1ab29b4620b2270de761469b6d630ae7a411ecf0d54477ba

  • Size

    1.1MB

  • Sample

    241110-bvpq5swgrc

  • MD5

    71dab879f647f3e3547eb24bc6fee5c7

  • SHA1

    64b6e3d0acbd515609ae58e1c64f3f112f6d69e0

  • SHA256

    0cebb90e26b7ed9e1ab29b4620b2270de761469b6d630ae7a411ecf0d54477ba

  • SHA512

    3750502c62a5ca5971948cfc1169de1c69d6d435a19a5be23cac611870122e9c6aa9bd8216b0ad62f415a446da1514e21744188e7f1c635969ae2079d49314f8

  • SSDEEP

    24576:wy13bMIpuTYf1pwPTTrJ0kTkBxoEZICS310VR9Hs:3dpIYAPF0HBOEg31IR9

Score
10/10
redlinedomadiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

doma

C2

185.161.248.75:4132

Attributes
  • auth_value

    8be53af7f78567706928d0abef953ef4

Targets

    • Target

      0cebb90e26b7ed9e1ab29b4620b2270de761469b6d630ae7a411ecf0d54477ba

    • Size

      1.1MB

    • MD5

      71dab879f647f3e3547eb24bc6fee5c7

    • SHA1

      64b6e3d0acbd515609ae58e1c64f3f112f6d69e0

    • SHA256

      0cebb90e26b7ed9e1ab29b4620b2270de761469b6d630ae7a411ecf0d54477ba

    • SHA512

      3750502c62a5ca5971948cfc1169de1c69d6d435a19a5be23cac611870122e9c6aa9bd8216b0ad62f415a446da1514e21744188e7f1c635969ae2079d49314f8

    • SSDEEP

      24576:wy13bMIpuTYf1pwPTTrJ0kTkBxoEZICS310VR9Hs:3dpIYAPF0HBOEg31IR9

    Score
    10/10
    redlinedomadiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks