General

  • Target

    9d5813b61dacad77718d701a1fb5e1d66c66146641bed34c12b1ed4dac5eec85

  • Size

    163KB

  • Sample

    241111-b2p1gssqdn

  • MD5

    daa6c3b0408f213615872e49b11127d9

  • SHA1

    0ca937babfe0bd528ba3a8cfe6c5f7132200fe9c

  • SHA256

    9d5813b61dacad77718d701a1fb5e1d66c66146641bed34c12b1ed4dac5eec85

  • SHA512

    d9016e9307f82681805a7c16f67018753d482ca4bc0a74a0b14abba4d7437693a53d997880e0634f9a901c7fb693ff5c75fc5e45610746bb1fddaeafe4cdb481

  • SSDEEP

    3072:+/u2fUooXCn1zUyo/MhFMTo6cQgEFPLNHvc7wif3Ga4L3YtARQFP3jX+N5AK:+G28vXBy9hFz6cEP1if3L4TYKOFP3juh

Malware Config

Extracted

Family

redline

Botnet

5795643456_99

C2

myodissey.top:28786

greengard.top:28786

Attributes
  • auth_value

    a5587aaf09b09c6249cc2b3b634a7530

Targets

    • Target

      32a9893b91d6439015406e5d43bc6ff0fcffd0f4ebeae5c10828eaceec04191e.exe

    • Size

      289KB

    • MD5

      11a7cb7faff5fd5301ef435a23d5e85a

    • SHA1

      dc9138610a18c0b4a751373e1d5d7aed44cac06b

    • SHA256

      32a9893b91d6439015406e5d43bc6ff0fcffd0f4ebeae5c10828eaceec04191e

    • SHA512

      edba9c869e45920d2600ac873e8a4527a3a5c33ffe9b61a173558f8023f9afa3812c5339e818584e2387508bba3f245389d25e8d70ad17d637a563187da6c852

    • SSDEEP

      6144:bt1faiwM5fi2mLWoZLWqtdN5SAO8SYs2O3s6SzH2Xlk:bt1faiwM5fi2lcSyi3Sjek

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • RedLine family

    • Uses the VBS compiler for execution (vbc.exe, the .NET Visual Basic command-line compiler; RedLine loaders commonly start it only to serve as the host process for the injected payload)

    • Suspicious use of SetThreadContext (a process-hollowing indicator: the loader creates the host process suspended, writes the payload into it, points the main thread at the new entry point with SetThreadContext, then resumes it)
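The indicators above (the two C2 hosts and port from the extracted config, the two SHA256 values, and the vbc.exe-plus-SetThreadContext hollowing pattern the signatures point at) are the parts of this report a detection engineer actually consumes. The following is an added example by the editor, not code from the sandbox or from this report: it loads those indicators and scans Sysmon-style JSON event lines for them. The field names follow Sysmon's EventData naming, the event lines are constructed for the example rather than captured from the run, and the set of parents allowed to launch vbc.exe is an assumption to tune per environment.

```python
# Added example (editor's code, not from the sandbox or this report).
# Matches the IOCs from the report above against constructed
# Sysmon-style events and applies a heuristic for the vbc.exe
# process-hollowing pattern the signatures describe.
import json

# Indicators taken from the report
C2_HOSTS = {"myodissey.top", "greengard.top"}
C2_PORT = 28786
SAMPLE_HASHES = {
    "9d5813b61dacad77718d701a1fb5e1d66c66146641bed34c12b1ed4dac5eec85",  # submitted file
    "32a9893b91d6439015406e5d43bc6ff0fcffd0f4ebeae5c10828eaceec04191e",  # RedLine payload
}
# Parents that legitimately launch the VB.NET compiler. This is an
# assumption for the example; tune it for the environment you monitor.
BUILD_PARENTS = {"devenv.exe", "msbuild.exe", "dotnet.exe"}


def basename(path):
    """Last component of a Windows or POSIX path, lower-cased."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def scan_event(ev):
    """Return a list of (rule, detail) findings for one event dict."""
    findings = []
    kind = ev.get("EventType")
    if kind == "ProcessCreate":
        image = basename(ev.get("Image", ""))
        parent = basename(ev.get("ParentImage", ""))
        sha256 = ev.get("SHA256", "").lower()
        argv = ev.get("CommandLine", "").split()
        if sha256 in SAMPLE_HASHES:
            findings.append(("redline_known_hash", f"{image} sha256={sha256}"))
        # Hollowing heuristic: a real compile passes source files and
        # /out:, while a hollowed vbc.exe is started with only its own
        # path (the loader never intends the compiler to run).
        if image == "vbc.exe" and parent not in BUILD_PARENTS and len(argv) <= 1:
            findings.append(("vbc_hollowing_host", f"{parent} -> vbc.exe with no compiler args"))
    elif kind == "NetworkConnect":
        host = ev.get("DestinationHostname", "").lower().rstrip(".")
        port = int(ev.get("DestinationPort", 0))
        if host in C2_HOSTS:
            findings.append(("redline_c2_host", f"{host}:{port}"))
        elif port == C2_PORT:
            # Port alone is a weak signal; keep it as a separate rule
            # so it can be tuned or suppressed independently.
            findings.append(("redline_c2_port_only", f"{host}:{port}"))
    return findings


def triage(lines):
    """Scan JSON event lines; return (process_id, rule, detail) hits."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        for rule, detail in scan_event(ev):
            hits.append((ev.get("ProcessId"), rule, detail))
    return hits


# Constructed events for the example (not captured from the sandbox run).
# JSON needs doubled backslashes in Windows paths, hence the raw string.
SAMPLE_EVENTS = r"""
{"EventType":"ProcessCreate","ProcessId":4100,"Image":"C:\\Users\\u\\Downloads\\32a9893b91d6439015406e5d43bc6ff0fcffd0f4ebeae5c10828eaceec04191e.exe","ParentImage":"C:\\Windows\\explorer.exe","CommandLine":"C:\\Users\\u\\Downloads\\32a9893b91d6439015406e5d43bc6ff0fcffd0f4ebeae5c10828eaceec04191e.exe","SHA256":"32A9893B91D6439015406E5D43BC6FF0FCFFD0F4EBEAE5C10828EACEEC04191E"}
{"EventType":"ProcessCreate","ProcessId":4216,"Image":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe","ParentImage":"C:\\Users\\u\\Downloads\\32a9893b91d6439015406e5d43bc6ff0fcffd0f4ebeae5c10828eaceec04191e.exe","CommandLine":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe"}
{"EventType":"ProcessCreate","ProcessId":5002,"Image":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\vbc.exe","ParentImage":"C:\\Program Files\\Microsoft Visual Studio\\MSBuild.exe","CommandLine":"vbc.exe /out:app.exe Module1.vb"}
{"EventType":"NetworkConnect","ProcessId":4216,"DestinationHostname":"myodissey.top","DestinationPort":28786}
{"EventType":"NetworkConnect","ProcessId":4216,"DestinationHostname":"greengard.top","DestinationPort":28786}
{"EventType":"NetworkConnect","ProcessId":7300,"DestinationHostname":"updates.example.net","DestinationPort":443}
"""

if __name__ == "__main__":
    for pid, rule, detail in triage(SAMPLE_EVENTS.splitlines()):
        print(f"pid={pid} {rule}: {detail}")
```

On the constructed input this reports the known-hash launch (pid 4100), the vbc.exe started by that sample with no compiler arguments (pid 4216), and the two C2 connections from the same pid; the vbc.exe spawned by MSBuild with real compiler arguments is not flagged. The argument-count check is a heuristic (a quoted path containing spaces would split into several tokens), and the hash rule only catches these two files, so on real telemetry treat the parent/argument rule and the C2 host rule as the durable parts and the hashes as a quick retro-hunt.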
