Overview

overview

10

Static

static

3

71c7f97368...c4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    71c7f97368f738b457fa9730ec9da60ecc6d395e3f1a0f7d11b94c459c6a3dc4

  • Size

    1.5MB

  • Sample

    241111-ctc7ds1bpf

  • MD5

    bdac71e6c435966d0f66f1bfbe5acce7

  • SHA1

    be51245ac41ac38674921a309371004732267315

  • SHA256

    71c7f97368f738b457fa9730ec9da60ecc6d395e3f1a0f7d11b94c459c6a3dc4

  • SHA512

    1c765e6f8066254b1c737b3319964fee4efe9eb08524cb14a2b7995a2ebe477ce4de4fdc9b6b9ea81eb957bb7b236d5a81983d3f0afd60e63c8f06b440323103

  • SSDEEP

    24576:/yrnJSzL5zY/TwDa2fTO4tJYOvgAI3ruMGigxeSe5fSArZSD3gNj9o7:KrnJSz90h2bOwJYN3ruQFBrC3S

Score
10/10
redlinemostdiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes
  • auth_value

    7da4dfa153f2919e617aa016f7c36008

Targets

    • Target

      71c7f97368f738b457fa9730ec9da60ecc6d395e3f1a0f7d11b94c459c6a3dc4

    • Size

      1.5MB

    • MD5

      bdac71e6c435966d0f66f1bfbe5acce7

    • SHA1

      be51245ac41ac38674921a309371004732267315

    • SHA256

      71c7f97368f738b457fa9730ec9da60ecc6d395e3f1a0f7d11b94c459c6a3dc4

    • SHA512

      1c765e6f8066254b1c737b3319964fee4efe9eb08524cb14a2b7995a2ebe477ce4de4fdc9b6b9ea81eb957bb7b236d5a81983d3f0afd60e63c8f06b440323103

    • SSDEEP

      24576:/yrnJSzL5zY/TwDa2fTO4tJYOvgAI3ruMGigxeSe5fSArZSD3gNj9o7:KrnJSz90h2bOwJYN3ruQFBrC3S

    Score
    10/10
    redlinemostdiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks