Overview

overview

10

Static

static

3

c1de327053...fN.exe

windows7-x64

10

c1de327053...fN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c1de3270530e33ea3603b28bb4fea541d1d2b80aa17872418f7c9f355c77eacfN

  • Size

    357KB

  • Sample

    241111-afag8sxhnn

  • MD5

    42855eb1b38bbe499622e3d026b11910

  • SHA1

    b698c24d021fef2c6f00bd51349990098839a2f7

  • SHA256

    c1de3270530e33ea3603b28bb4fea541d1d2b80aa17872418f7c9f355c77eacf

  • SHA512

    e041fae8ac078b47266e563b9efba81b9e3c5548c9448c2df6a87b931f173173f2abe90e602ec278a974ad1256bd8d4088558d80a8af2e8c3db8e75a848cd382

  • SSDEEP

    6144:25+d09OHuyE1uRVRsMIdHISZ5KIqUNRFj:8+m9OHmuRV+MISSZ5Kn4RR

Score
10/10
redlineborisdiscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

boris

C2

193.233.20.32:4125

Attributes
  • auth_value

    766b5bdf6dbefcf7ca223351952fc38f

Targets

    • Target

      c1de3270530e33ea3603b28bb4fea541d1d2b80aa17872418f7c9f355c77eacfN

    • Size

      357KB

    • MD5

      42855eb1b38bbe499622e3d026b11910

    • SHA1

      b698c24d021fef2c6f00bd51349990098839a2f7

    • SHA256

      c1de3270530e33ea3603b28bb4fea541d1d2b80aa17872418f7c9f355c77eacf

    • SHA512

      e041fae8ac078b47266e563b9efba81b9e3c5548c9448c2df6a87b931f173173f2abe90e602ec278a974ad1256bd8d4088558d80a8af2e8c3db8e75a848cd382

    • SSDEEP

      6144:25+d09OHuyE1uRVRsMIdHISZ5KIqUNRFj:8+m9OHmuRV+MISSZ5Kn4RR

    Score
    10/10
    redlineborisdiscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks