Overview

overview

10

Static

static

7

28328224a2...bf.exe

windows7-x64

10

28328224a2...bf.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    28328224a23398ba1cb6a3835e1e324062cdac7c024ee53a923b5ba7d397aebf.exe

  • Size

    4.2MB

  • Sample

    241125-k1jlravnhk

  • MD5

    219abe742939705c951d333fcca03e60

  • SHA1

    f092cf92337b718b17b1a466c39f04856e1327bf

  • SHA256

    28328224a23398ba1cb6a3835e1e324062cdac7c024ee53a923b5ba7d397aebf

  • SHA512

    dd08b49b4e6629d41e10139cfa5ab9aa5b273aeb17aa102868f07d4f4ef8715aab5ae15f5cc80be4198b23a103c942cd7685fb86e6595e13a0030ea6534ff73e

  • SSDEEP

    98304:UFVySWe/aWDDOkHPtwsLw1Dl7JGY3K8ujThIOMsEXvsx6bCFFAd:ULySWePDDOkvXLw7cWejThIOMjXv9Oe

Score
10/10
redline@sc4lly1337aspackv2discoveryinfostealer

Malware Config

Extracted

Family

redline

Botnet

@sc4lly1337

C2

185.215.113.83:60722

Attributes
  • auth_value

    cb96f2ad461ba2dc951cb5a868225e22

Targets

    • Target

      28328224a23398ba1cb6a3835e1e324062cdac7c024ee53a923b5ba7d397aebf.exe

    • Size

      4.2MB

    • MD5

      219abe742939705c951d333fcca03e60

    • SHA1

      f092cf92337b718b17b1a466c39f04856e1327bf

    • SHA256

      28328224a23398ba1cb6a3835e1e324062cdac7c024ee53a923b5ba7d397aebf

    • SHA512

      dd08b49b4e6629d41e10139cfa5ab9aa5b273aeb17aa102868f07d4f4ef8715aab5ae15f5cc80be4198b23a103c942cd7685fb86e6595e13a0030ea6534ff73e

    • SSDEEP

      98304:UFVySWe/aWDDOkHPtwsLw1Dl7JGY3K8ujThIOMsEXvsx6bCFFAd:ULySWePDDOkvXLw7cWejThIOMjXv9Oe

    Score
    10/10
    redline@sc4lly1337discoveryinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks