Overview

overview

10

Static

static

3

b978ade05f...94.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b978ade05fe7250ba800ed2d26eadce3e5e58d3175c7a294e18383e1e42f0394

  • Size

    567KB

  • Sample

    241111-c9xkzavjbm

  • MD5

    ec9c6a609db680d2457b503a10d8b054

  • SHA1

    68367d40d31cea67309fbb33ae6ff43ad484a9c5

  • SHA256

    b978ade05fe7250ba800ed2d26eadce3e5e58d3175c7a294e18383e1e42f0394

  • SHA512

    b4bfd3439c8605a06c9798c01d6b3e4f3ec24a7834d938eb60aa9cb1c0733504de783e4754e7a621d034e6af262f90cdcf9f82c937f124cf9438dab8fb5c739f

  • SSDEEP

    12288:CMrHy90WhG0F1eaVyCcUuUck0CAyll0VeWTwFh6+v:tym0XWVUHcM0TwP6+v

Score
10/10
redlinedarisdiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

daris

C2

217.196.96.56:4138

Attributes
  • auth_value

    3491f24ae0250969cd45ce4b3fe77549

Targets

    • Target

      b978ade05fe7250ba800ed2d26eadce3e5e58d3175c7a294e18383e1e42f0394

    • Size

      567KB

    • MD5

      ec9c6a609db680d2457b503a10d8b054

    • SHA1

      68367d40d31cea67309fbb33ae6ff43ad484a9c5

    • SHA256

      b978ade05fe7250ba800ed2d26eadce3e5e58d3175c7a294e18383e1e42f0394

    • SHA512

      b4bfd3439c8605a06c9798c01d6b3e4f3ec24a7834d938eb60aa9cb1c0733504de783e4754e7a621d034e6af262f90cdcf9f82c937f124cf9438dab8fb5c739f

    • SSDEEP

      12288:CMrHy90WhG0F1eaVyCcUuUck0CAyll0VeWTwFh6+v:tym0XWVUHcM0TwP6+v

    Score
    10/10
    redlinedarisdiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks