General

  • Target

    7d0083a963f09e999245be86420c153e0ba4fc78f18aa29c79425314fc43b617

  • Size

    120KB

  • Sample

    241111-j7gkasvqf1

  • MD5

    90f0916e337d8091dd1b343cd4ac61fd

  • SHA1

    798228106e278025e23c695b81c7d0cba72593f5

  • SHA256

    7d0083a963f09e999245be86420c153e0ba4fc78f18aa29c79425314fc43b617

  • SHA512

    4a3f1ddb6bf0907de0fc6d245b90ed6878c614d8d1c7ec1d5498485609633477f66495f12e04db59052f51eb21406f93ab39038cbc0d89e7bc73b7f57f442c44

  • SSDEEP

    3072:iWcU1qyJdkw+zxliwFINEQY/4MCsd7zxBFaI1x2MMZMSp:FcU1nrt+zx9FINEQvjE7B2M0MSp

Malware Config

Extracted

Family

redline

Botnet

pub2

C2

89.22.231.25:45245

Attributes

  • auth_value

    ea9464d486a641bb513057e5f63399e1

Targets

    • Target

      ce51452582adb86adebc20985dd43b191a3fc98685fb569937f1e9bad86c0c6b

    • Size

      277KB

    • MD5

      dcd17995073a4178bb6afa347ae75456

    • SHA1

      5f50938fe4b773112486bb03e61fd75a3d2eeb1d

    • SHA256

      ce51452582adb86adebc20985dd43b191a3fc98685fb569937f1e9bad86c0c6b

    • SHA512

      83f494ff036ac4836c01f1947ea9e20afc994b8d70106ee5bc7a2e9ef42132c6ff029d0d982734960f51ee4342260615680ab35baa65376174fe345025ac4f69

    • SSDEEP

      6144:niSAGT+Z6EDT6ezCBU/Z7UTtHnQWlc70lKX:niSAGT+ZYByZ7UTtHntipX

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
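
The two behavioural signatures above fit together: "Uses the VBS compiler for execution" refers to vbc.exe, the Visual Basic .NET compiler shipped with the .NET Framework, and SetThreadContext is the call process-hollowing loaders use to redirect a suspended child's entry point, so the RedLine payload ends up running inside a vbc.exe process that then beacons to the C2. As an added example, not part of the sandbox report, the Python below turns the extracted config and hashes into a small matcher and runs it over constructed Sysmon-style process and network events. The C2 address, hashes, botnet and auth_value are taken from the report; the event fields, the vbc.exe path and the list of legitimate vbc.exe parent processes are assumptions made for the example.

```python
# Added example (not part of the sandbox report): match constructed host
# telemetry against the IOCs extracted above. Event shape, paths and the
# legitimate-parent list are assumptions modelled on Sysmon EID 1/3 records.
from __future__ import annotations

from dataclasses import dataclass

# --- IOCs copied from the report above ---------------------------------
C2_IP, C2_PORT = "89.22.231.25", 45245
BOTNET = "pub2"                                  # campaign tag, useful for pivoting
AUTH_VALUE = "ea9464d486a641bb513057e5f63399e1"  # build/operator identifier, same use
SAMPLE_SHA256 = {
    "7d0083a963f09e999245be86420c153e0ba4fc78f18aa29c79425314fc43b617",  # submitted sample, 120KB
    "ce51452582adb86adebc20985dd43b191a3fc98685fb569937f1e9bad86c0c6b",  # analysed executable, 277KB
}

# vbc.exe is the Visual Basic .NET compiler. A real build is started by the
# .NET toolchain; a loader in a user-writable directory starting it is the
# hollowing pattern the sandbox flagged. Parent list is an assumption.
VBC_NAMES = {"vbc.exe"}
LEGIT_VBC_PARENTS = {"msbuild.exe", "devenv.exe", "csc.exe", "dotnet.exe"}


@dataclass
class Event:
    kind: str               # "process" (EID 1-like) or "network" (EID 3-like)
    image: str              # full path of the process image
    parent_image: str = ""  # process events only
    sha256: str = ""        # process events only
    dst_ip: str = ""        # network events only
    dst_port: int = 0       # network events only


def basename(path: str) -> str:
    """Lower-cased file name, tolerant of both Windows and POSIX separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def match_event(ev: Event) -> list[str]:
    """Return the names of every rule the event trips (empty list if clean)."""
    hits: list[str] = []
    image = basename(ev.image)
    if ev.kind == "process":
        if ev.sha256.lower() in SAMPLE_SHA256:
            hits.append("known_redline_hash")
        if image in VBC_NAMES and basename(ev.parent_image) not in LEGIT_VBC_PARENTS:
            hits.append("vbc_spawned_by_non_build_tool")
    elif ev.kind == "network":
        if ev.dst_ip == C2_IP and ev.dst_port == C2_PORT:
            hits.append("redline_c2_connect")
        if image in VBC_NAMES:
            # a compiler has no business opening outbound connections
            hits.append("vbc_network_activity")
    return hits


def triage(events: list[Event]) -> dict[str, list[str]]:
    """Map each tripped rule to the process images that tripped it, in order."""
    report: dict[str, list[str]] = {}
    for ev in events:
        for rule in match_event(ev):
            report.setdefault(rule, []).append(ev.image)
    return report


# Constructed telemetry (not from the report): the analysed executable runs,
# spawns vbc.exe, and the hollowed vbc.exe beacons to the C2. The last two
# events are benign controls that must not match.
VBC = r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
SAMPLE_EVENTS = [
    Event("process", r"C:\Users\u\Downloads\setup.exe",
          parent_image=r"C:\Windows\explorer.exe",
          sha256="ce51452582adb86adebc20985dd43b191a3fc98685fb569937f1e9bad86c0c6b"),
    Event("process", VBC, parent_image=r"C:\Users\u\Downloads\setup.exe"),
    Event("network", VBC, dst_ip="89.22.231.25", dst_port=45245),
    Event("process", VBC,
          parent_image=r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe"),
    Event("network", r"C:\Program Files\Mozilla Firefox\firefox.exe",
          dst_ip="93.184.216.34", dst_port=443),
]

if __name__ == "__main__":
    for rule, images in triage(SAMPLE_EVENTS).items():
        print(f"{rule}: {images}")
```

The hash rule only catches these two files; the parent/child and network rules are the ones worth keeping, because a repacked loader changes the hash but still has to get the payload into a process that will reach the C2. Treat the BOTNET and AUTH_VALUE constants as pivot keys for clustering other RedLine configs rather than as host-side indicators.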

MITRE ATT&CK Enterprise v15

Tasks