Overview

overview

10

Static

static

3

0cd97477ff...5N.exe

windows7-x64

10

0cd97477ff...5N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0cd97477ff33dd48a9638bd72e2434b40eea69757b13b3c608e501e55d76f075N.exe

  • Size

    386KB

  • Sample

    241111-c81w1atrhp

  • MD5

    6298003e2231569bcc5fc5f52ef6e60e

  • SHA1

    faf01086519d8ed2bfbbc63f9ec152fdb42e11b7

  • SHA256

    a6cb549f26381eebb7fc282e5ecb85081d76af8ee33accbd4b8f8b992331c709

  • SHA512

    70e6a198bdac12277ebf867f58c901e5757c038c16e694c116d61f9861b6f01a999bbb04cfd23f250259ea3c145bd945d75a08713631a5174dbf2abf3a58e9de

  • SSDEEP

    6144:RHlVXQ8L3NMb0x4VUorpzFICTagNghfXv30JmKWscfva6:FlVXQ83NMZUorpzFvbNg1bBscq6

Score
10/10
redlineborisdiscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

boris

C2

193.233.20.32:4125

Attributes
  • auth_value

    766b5bdf6dbefcf7ca223351952fc38f

Targets

    • Target

      0cd97477ff33dd48a9638bd72e2434b40eea69757b13b3c608e501e55d76f075N.exe

    • Size

      386KB

    • MD5

      6298003e2231569bcc5fc5f52ef6e60e

    • SHA1

      faf01086519d8ed2bfbbc63f9ec152fdb42e11b7

    • SHA256

      a6cb549f26381eebb7fc282e5ecb85081d76af8ee33accbd4b8f8b992331c709

    • SHA512

      70e6a198bdac12277ebf867f58c901e5757c038c16e694c116d61f9861b6f01a999bbb04cfd23f250259ea3c145bd945d75a08713631a5174dbf2abf3a58e9de

    • SSDEEP

      6144:RHlVXQ8L3NMb0x4VUorpzFICTagNghfXv30JmKWscfva6:FlVXQ83NMZUorpzFvbNg1bBscq6

    Score
    10/10
    redlineborisdiscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks