redline | 2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9 | Triage

Submit
Reports

Overview

overview

Static

static

3

2e12900865...a9.exe

windows7-x64

2e12900865...a9.exe

windows10-2004-x64

Sharing

General

Target

2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9.exe
Size

4.6MB
Sample

241124-asvnyavkdv
MD5

f0a27521377e62ad7dd5626bfb0dae81
SHA1

468695c96aa270fc97736919e218538b46410a06
SHA256

2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9
SHA512

741515050e5db9c23cb1558e905139e13b182c75a57c7861293938fc6161024c303b10203ac747c7a19eca488f0a852cbd9eb1d9c46afb9b4061e7d129f91e7b
SSDEEP

98304:ALAR9WAXsEVfPkhz4ZJZzWEEFQVHnvnW70ckb0EMgP32fDyWdEqD7ezeaibX:KAXsEVnkexKFQvWQrMgP32ryWWqD7eyd

Score

10^/10

redline 716965980 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9.exe

Resource

win7-20240903-en

redline 716965980 discovery infostealer

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9.exe

Resource

win10v2004-20241007-en

redline 716965980 discovery infostealer

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

716965980

C2

94.26.248.120:63731

Attributes

auth_value
ee8187fd574be73a935e073f8b5705eb

Targets

- Target
  
  2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9.exe
- Size
  
  4.6MB
- MD5
  
  f0a27521377e62ad7dd5626bfb0dae81
- SHA1
  
  468695c96aa270fc97736919e218538b46410a06
- SHA256
  
  2e12900865d2eec1931a062d93b667fa0627a3fb28702055fdda370f56165aa9
- SHA512
  
  741515050e5db9c23cb1558e905139e13b182c75a57c7861293938fc6161024c303b10203ac747c7a19eca488f0a852cbd9eb1d9c46afb9b4061e7d129f91e7b
- SSDEEP
  
  98304:ALAR9WAXsEVfPkhz4ZJZzWEEFQVHnvnW70ckb0EMgP32fDyWdEqD7ezeaibX:KAXsEVnkexKFQvWQrMgP32ryWWqD7eyd
Score

10^/10

redline 716965980 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline716965980discoveryinfostealer

behavioral2

redline716965980discoveryinfostealer

© 2018-2024

Terms | Privacy