General

  • Target

    5b94fa145afb110e2481f3904cd6c803779dd20544a01c71d58806e8132ed5be

  • Size

    259KB

  • Sample

    241111-bxb8tsspej

  • MD5

    882621895fdc3c902e7bc735b41f19a9

  • SHA1

    06dc8ff3c8097d520e72dae4b853d6021b769b11

  • SHA256

    5b94fa145afb110e2481f3904cd6c803779dd20544a01c71d58806e8132ed5be

  • SHA512

    41e02d9ab70a838da110bce2c78ff020d92dca1cbdfd9bcf1e24706d6ae7ad94530619432c42ef26ec9e7da6441204596c27fd8bbb50ac77ece7d566176f56aa

  • SSDEEP

    6144:DqBKu9BkPE7f+63rJHaTfDfsY/DVbBZB207j/4zAbElQXCIkGHZk:Dq7HZ7+W6j7p5B20XSAbEeCIJ5k

Malware Config

Extracted

  • Family

    redline

  • Botnet

    shakur

  • C2

    31.41.244.198:4083

  • Attributes

    auth_value: 77cf57cf0231c3bc6ab7b37cc351aa82

Targets

    • Target

      dfec1c862aab22d3a232cc76de806fed0c00e6a33095fe1bac52d76907a6b0f0

    • Size

      350KB

    • MD5

      60b1be4990de6bee6da7f02f51490444

    • SHA1

      dc7c23f68d23b533ebdfde129e9a0d911bdb0da5

    • SHA256

      dfec1c862aab22d3a232cc76de806fed0c00e6a33095fe1bac52d76907a6b0f0

    • SHA512

      1f097db8f48f2689d9b2f7bcb618f870084ca3a964bfdad6c831c6b9edf40168d61fc31fa5b9f5e47bfdcd516f2b6ca28ad8deecabea36d50e5fa0355c002368

    • SSDEEP

      6144:uLPPmf2E7f+63rJzaTfDDsg/D5bBZB2ydZ1Z21YDZ:ubmv7+Wmj3TlB2y9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks