Overview

overview

10

Static

static

10

4db4ea3ec7...36.exe

windows7-x64

10

4db4ea3ec7...36.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4db4ea3ec78389bb31f622e603864c0e3cb5f5bc218468f23c6618998f188b36.exe

  • Size

    168KB

  • Sample

    241115-zkzqcsvrbp

  • MD5

    7996c883756c827d0cf265561108b273

  • SHA1

    8c06193eabd0b6bff3fe97bd4909cc67d639f393

  • SHA256

    4db4ea3ec78389bb31f622e603864c0e3cb5f5bc218468f23c6618998f188b36

  • SHA512

    7e4d45049617196817693ff90ff9a10d1f0b4549c37599a6ee415e92a36c34f52b357f5a3cd934dcd3becfbe18e180654963b626754a7de2562052d17d6740e3

  • SSDEEP

    3072:uJaohQaSe5clFcb0iCKbqVsTQZxTcVL8e8h2R:uJteaSe5clhiVwxTcVLD

Score
10/10
redlinemazdadiscoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

mazda

C2

217.196.96.56:4138

Attributes
  • auth_value

    3d2870537d84a4c6d7aeecd002871c51

Targets

    • Target

      4db4ea3ec78389bb31f622e603864c0e3cb5f5bc218468f23c6618998f188b36.exe

    • Size

      168KB

    • MD5

      7996c883756c827d0cf265561108b273

    • SHA1

      8c06193eabd0b6bff3fe97bd4909cc67d639f393

    • SHA256

      4db4ea3ec78389bb31f622e603864c0e3cb5f5bc218468f23c6618998f188b36

    • SHA512

      7e4d45049617196817693ff90ff9a10d1f0b4549c37599a6ee415e92a36c34f52b357f5a3cd934dcd3becfbe18e180654963b626754a7de2562052d17d6740e3

    • SSDEEP

      3072:uJaohQaSe5clFcb0iCKbqVsTQZxTcVL8e8h2R:uJteaSe5clhiVwxTcVLD

    Score
    10/10
    redlinemazdadiscoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks