Overview

overview

10

Static

static

3

449a34dfd3...aN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    449a34dfd38aeb7312c96213a1a05d1f92be22d4c0fb58451a91eac9b7ca8b2aN.exe

  • Size

    304KB

  • Sample

    241206-ace9bayqfv

  • MD5

    06b865d2c87780546ccd6cb7374d0680

  • SHA1

    dd4b751019460f9a4c006d953451a0845e97b0ff

  • SHA256

    449a34dfd38aeb7312c96213a1a05d1f92be22d4c0fb58451a91eac9b7ca8b2a

  • SHA512

    3a10fec1df61144a2c357a91cc94a4d28e6300db2c29faa9d711da45b11bcb66ac89774b41ff6f6b956d15ff48009faaf7dd8ff61c3c7ead6529a4281d0218fe

  • SSDEEP

    6144:KBy+bnr+Cp0yN90QEfSt7N//6JvBXXS57xe9:vMrqy90F0Jqb+E

Score
10/10
redlinedomadiscoveryinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

doma

C2

185.161.248.75:4132

Attributes
  • auth_value

    8be53af7f78567706928d0abef953ef4

Targets

    • Target

      449a34dfd38aeb7312c96213a1a05d1f92be22d4c0fb58451a91eac9b7ca8b2aN.exe

    • Size

      304KB

    • MD5

      06b865d2c87780546ccd6cb7374d0680

    • SHA1

      dd4b751019460f9a4c006d953451a0845e97b0ff

    • SHA256

      449a34dfd38aeb7312c96213a1a05d1f92be22d4c0fb58451a91eac9b7ca8b2a

    • SHA512

      3a10fec1df61144a2c357a91cc94a4d28e6300db2c29faa9d711da45b11bcb66ac89774b41ff6f6b956d15ff48009faaf7dd8ff61c3c7ead6529a4281d0218fe

    • SSDEEP

      6144:KBy+bnr+Cp0yN90QEfSt7N//6JvBXXS57xe9:vMrqy90F0Jqb+E

    Score
    10/10
    redlinedomadiscoveryinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks