redline | 9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf | Triage

Submit
Reports

Overview

overview

Static

static

3

9332154e44...bf.exe

windows7-x64

9332154e44...bf.exe

windows10-2004-x64

Sharing

General

Target

9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf.exe
Size

4.6MB
Sample

241124-eljqbayrbq
MD5

e10ce6163e83dbaecb97e5d359770560
SHA1

f25af2df99470c166c3f7958d4a2c2f3c9caed09
SHA256

9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf
SHA512

5186887cea3af43446f8c4b05af6f6481946aa8cc44a6247f208827b920dbcf7201557b7f00312d73cab64331a4d29ccc0993ab3ccfab5ca7c75a128ab2be720
SSDEEP

98304:OLfFTB1dIdS0gBAFCzZKmNrCa9iqWKa4BbYMzMxahb:EnGd2Bepk7iq+MbYMzx

Score

10^/10

redline @admbx discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf.exe

Resource

win7-20241010-en

redline @admbx discovery infostealer

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf.exe

Resource

win10v2004-20241007-en

redline @admbx discovery infostealer

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

@admbx

C2

5.188.118.163:80

Attributes

auth_value
9bde7608ef33d6cbd8c01687cdd53196

Targets

- Target
  
  9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf.exe
- Size
  
  4.6MB
- MD5
  
  e10ce6163e83dbaecb97e5d359770560
- SHA1
  
  f25af2df99470c166c3f7958d4a2c2f3c9caed09
- SHA256
  
  9332154e4426648608a5861369d7203244643a47893823a593cbfd2f8725e1bf
- SHA512
  
  5186887cea3af43446f8c4b05af6f6481946aa8cc44a6247f208827b920dbcf7201557b7f00312d73cab64331a4d29ccc0993ab3ccfab5ca7c75a128ab2be720
- SSDEEP
  
  98304:OLfFTB1dIdS0gBAFCzZKmNrCa9iqWKa4BbYMzMxahb:EnGd2Bepk7iq+MbYMzx
Score

10^/10

redline @admbx discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@admbxdiscoveryinfostealer

behavioral2

redline@admbxdiscoveryinfostealer

© 2018-2024

Terms | Privacy