Overview

overview

10

Static

static

3

14c0a6c07b...d1.exe

windows7-x64

10

14c0a6c07b...d1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14c0a6c07b5cfce1a669a3771320bad1

  • Size

    1.4MB

  • Sample

    241111-cbbkvatjbk

  • MD5

    14c0a6c07b5cfce1a669a3771320bad1

  • SHA1

    40c4ff3e96551b6283afd04a2d2b96985d111c11

  • SHA256

    e713b0a5748a7b8332121f638462b2f5cef38a61f2b5ce0a7cd2c90922265397

  • SHA512

    cae7e53b1f4093b1204313f2159f0b76dc1d0a3f4e1d8191489d8b60d36d3cdf847be1bfa18033f0faaaef85164e2b258752b75efd0328d5b7abdd7b3af5193c

  • SSDEEP

    24576:pM5q1YQYFXAxclMpJeh9dMRqp/urZj8jNIYQLtuqQLL/ygh:y574yN7QLtuqQLN

Score
10/10
redline3discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

3

C2

45.15.156.86:37262

Attributes
  • auth_value

    d85366020a96552bd07acdfc49dc187c

Targets

    • Target

      14c0a6c07b5cfce1a669a3771320bad1

    • Size

      1.4MB

    • MD5

      14c0a6c07b5cfce1a669a3771320bad1

    • SHA1

      40c4ff3e96551b6283afd04a2d2b96985d111c11

    • SHA256

      e713b0a5748a7b8332121f638462b2f5cef38a61f2b5ce0a7cd2c90922265397

    • SHA512

      cae7e53b1f4093b1204313f2159f0b76dc1d0a3f4e1d8191489d8b60d36d3cdf847be1bfa18033f0faaaef85164e2b258752b75efd0328d5b7abdd7b3af5193c

    • SSDEEP

      24576:pM5q1YQYFXAxclMpJeh9dMRqp/urZj8jNIYQLtuqQLL/ygh:y574yN7QLtuqQLN

    Score
    10/10
    redline3discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks