Overview

overview

10

Static

static

3

e2cb840743...1e.exe

windows7-x64

10

e2cb840743...1e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4e0b0b27b5e08ac17deed00506959e6bee65bc77712ccce540225c435d85fbad

  • Size

    134KB

  • Sample

    241111-baxw1sskdr

  • MD5

    4478226022fc4363a087ea99a25889ad

  • SHA1

    06b86f9588e794c2a1cc0622b97ab8eb86470cb5

  • SHA256

    4e0b0b27b5e08ac17deed00506959e6bee65bc77712ccce540225c435d85fbad

  • SHA512

    7b2133341cb74f5198cb9302d036adfffb88fe93f1b36566daaa44c4a47e96baf66ec2a6feb93b65926f21d3a3a41b51d58bfe86b6ee3eab8667a3f17e865fb0

  • SSDEEP

    3072:am7IvtRmIaL2fE0qLQ6lKGK12NTSDM5RHGO/nTtJUJwmz16znYFLeJJti+:+v2Z0WlHK1IT8oVIJT16rmLe7s+

Score
10/10
redlinegoogle2discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

Google2

C2

167.235.71.14:20469

Attributes
  • auth_value

    fb274d9691235ba015830da570a13578

Targets

    • Target

      e2cb8407436a5a2ed6f1220df5805900cf1df475eb9493a81508e61748144e1e.exe

    • Size

      244KB

    • MD5

      7b41368bae47e4e02a054fad1155da9b

    • SHA1

      210cb9b322dc316f25b1c614af26174eb7dceda1

    • SHA256

      e2cb8407436a5a2ed6f1220df5805900cf1df475eb9493a81508e61748144e1e

    • SHA512

      525c76bd414657480f7f543326c13d7c84149cb8f172d10039de3ce66751cb1afc04b7d5b374b917405401f54883e594cb52e29f34a521debdfb959a71eded6f

    • SSDEEP

      6144:PUmnhkRWlYBmwedJWh3FO9F9JCm7Xyn2APRNXyJ0yiwMREUxL0w4bJsEy:LnhkRWvWh3FO9F9JCm7Xyn2APbXymwM5

    Score
    10/10
    redlinegoogle2discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks