General

  • Target

    bitcoin_sender_installer (1).zip

  • Size

    3.9MB

  • Sample

    241201-rhlfysxqcq

  • MD5

    e8f2f44eac027178bbda4b24a71fe428

  • SHA1

    d9c103e04cafc7b18c540082cbcd00ddc4d1d401

  • SHA256

    bfd8bd9e8191c1a6e74cf840a46d1238d2a0b6da53d92990d87e1011d94dcd0e

  • SHA512

    336629d188f6f2dd71fd554b2ef2b8733629e5726ea7cdf555799a2463e396c1e8cba8b52511f67b06637345c247af2ca21433d1d74ed672ffb8eaa0316a5a41

  • SSDEEP

    98304:7HZkZ/8EIUXChaDGua+m8Xkf5HcSemcDZwS+tv8Gy:1Fhf58SemgZfP

Malware Config

Extracted

Family

redline

C2

185.200.191.18:80

Attributes
  • auth_value

    6a6d2013394e24ff36af9394a7517801

Targets

    • Target

      bitcoin sender_installer.exe

    • Size

      3.9MB

    • MD5

      19d7fad2796b560ee65c81026db8777f

    • SHA1

      9a40d6621fa53b007f4db93affbfacbecd4a4a4b

    • SHA256

      5f2125ebd7ab4f116a8ef039712b2ce6049bdf9ed4e7c815f55deb1436a4c763

    • SHA512

      da31ba84a7fd38596b3abf4c195d584c5b4f31e75049e3793d58514039fa87aea772a4c4e1cb2c1c1c293beae665e396cdfcc9369ac71483342dec91775715ff

    • SSDEEP

      98304:nzelkbjahTKWpSZ3/7MB5twsZ9z2Ku8nb2+watGeB:nQkbjadSZ3/745twsZE0nb2+wGGq

    • RedLine

      RedLine Stealer is an information-stealing malware family written in C# (.NET), first seen in early 2020. It harvests browser credentials and cookies, cryptocurrency wallet data and host information, then sends the loot to a hard-coded C2 such as the one extracted above.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext (a call commonly seen when an unpacked payload is injected into a freshly created process, e.g. process hollowing; treat it as a pivot point when inspecting the sandbox process tree)
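The report above boils down to two file hashes and one C2 socket. As an added example (not part of the original report or of any sandbox product), here is a small Python triage helper that hashes files with the same four algorithms listed on this page, matches the SHA256 against the indicators from this report, and scans connection-log lines for the extracted C2. The log lines embedded in the block are constructed for illustration; the field layout (`src=`, `dst=`) is an assumption and not a real product format. SSDEEP is omitted because it needs a third-party library. Note that an IP indicator such as 185.200.191.18:80 is fragile: hosting can be reassigned, so confirm a hit with the process or sample that produced it rather than blocking on the address alone.

```python
import hashlib
import re
import sys

ALGOS = ("md5", "sha1", "sha256", "sha512")

# Indicators copied from the report: SHA256 -> artefact name.
IOC_SHA256 = {
    "bfd8bd9e8191c1a6e74cf840a46d1238d2a0b6da53d92990d87e1011d94dcd0e":
        "bitcoin_sender_installer (1).zip",
    "5f2125ebd7ab4f116a8ef039712b2ce6049bdf9ed4e7c815f55deb1436a4c763":
        "bitcoin sender_installer.exe",
}
# Extracted RedLine C2 from the report.
IOC_C2_HOST, IOC_C2_PORT = "185.200.191.18", 80

# Constructed sample log lines (assumed "src=/dst=" layout, not a real product format).
SAMPLE_LOG = [
    "2024-12-01T10:02:11Z src=10.0.0.5:51234 dst=185.200.191.18:80 proto=tcp action=allow",
    "2024-12-01T10:02:12Z src=10.0.0.5:51235 dst=142.250.74.36:443 proto=tcp action=allow",
    "2024-12-01T10:02:40Z src=10.0.0.7:49812 dst=185.200.191.18:80 proto=tcp action=allow",
    "2024-12-01T10:03:01Z src=10.0.0.5:51240 dst=185.200.191.180:80 proto=tcp action=allow",
]


def digests_of(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks with all four algorithms in a single pass."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_ioc(digests: dict):
    """Return the artefact name from the report if the SHA256 matches, else None."""
    return IOC_SHA256.get(digests["sha256"].lower())


# Word boundaries stop 185.200.191.18:80 from matching 185.200.191.180:80.
C2_RE = re.compile(r"(?<![\d.])" + re.escape(f"{IOC_C2_HOST}:{IOC_C2_PORT}") + r"(?![\d])")


def c2_hits(log_lines) -> list:
    """Return the log lines that reference the extracted C2 socket."""
    return [line for line in log_lines if C2_RE.search(line)]


def main(argv):
    for path in argv[1:]:
        d = hash_file(path)
        verdict = match_ioc(d) or "no match"
        print(f"{path}: sha256={d['sha256']} -> {verdict}")
    for line in c2_hits(SAMPLE_LOG):
        print("C2 hit:", line)


if __name__ == "__main__":
    main(sys.argv)
```

Run it as `python triage.py suspect.zip suspect.exe`; any file whose SHA256 equals one of the two values above is reported by the name the sandbox gave it, and the constructed log lines show how the boundary-aware regex ignores the near-miss address 185.200.191.180.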
