Overview

overview

10

Static

static

3

fb0cf55f70...a9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb0cf55f708420d0fdbb020aec6c2459005b93be7033aff546ab9c58c741d2a9

  • Size

    479KB

  • Sample

    241110-vbzlsa1bmp

  • MD5

    1f6bbc5f8b5fefa7cc721439009303f0

  • SHA1

    2a8dc4415c0aff84e73053f2f6083487e8299f6d

  • SHA256

    fb0cf55f708420d0fdbb020aec6c2459005b93be7033aff546ab9c58c741d2a9

  • SHA512

    70bd4bb3edbe336fcf8e42a033ee2b213ae8b4fb6a236e18e9bf9efbddce627ddd19d3176c2336f6aeece1972c209b5c500ad583fc30f5b943923f87d36205f3

  • SSDEEP

    12288:FMrgy90Nh3emgJVrXUbjC++kb0ExjGLhbON+uVFb:xy2h3eXrkbm++krYLUN+WFb

Score
10/10
redlinedumuddiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

dumud

C2

217.196.96.101:4132

Attributes
  • auth_value

    3e18d4b90418aa3e78d8822e87c62f5c

Targets

    • Target

      fb0cf55f708420d0fdbb020aec6c2459005b93be7033aff546ab9c58c741d2a9

    • Size

      479KB

    • MD5

      1f6bbc5f8b5fefa7cc721439009303f0

    • SHA1

      2a8dc4415c0aff84e73053f2f6083487e8299f6d

    • SHA256

      fb0cf55f708420d0fdbb020aec6c2459005b93be7033aff546ab9c58c741d2a9

    • SHA512

      70bd4bb3edbe336fcf8e42a033ee2b213ae8b4fb6a236e18e9bf9efbddce627ddd19d3176c2336f6aeece1972c209b5c500ad583fc30f5b943923f87d36205f3

    • SSDEEP

      12288:FMrgy90Nh3emgJVrXUbjC++kb0ExjGLhbON+uVFb:xy2h3eXrkbm++krYLUN+WFb

    Score
    10/10
    redlinedumuddiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks