redline | 450ba87bdd1d8aa6bbd6e8a5f5a1ded24a4133b4ffde46002b281a0f18216589 | Triage

Submit
Reports

Overview

overview

Static

static

3

Injector.exe

windows7-x64

Injector.exe

windows10-2004-x64

Sharing

General

Target

Injector.bin.zip
Size

753KB
Sample

240630-rylrnasgkk
MD5

2e2d8db27d461e403c92955d4f9e92a6
SHA1

52787837513ce948a3f2405cca2d837e9441bd14
SHA256

450ba87bdd1d8aa6bbd6e8a5f5a1ded24a4133b4ffde46002b281a0f18216589
SHA512

22f51fc755d613fd71f9df7b9660e259cec87a2f0dd2760dd394f16659627d239f2e153b152492c68ed5d1b14114e69d3e1eba6522603f8e6362b8848c99395b
SSDEEP

12288:/c9SxbvSoXNR5Tn2+21M/OE2eQIviZt/negy22fnEdKEIQgkJRk/TNPPcwJG6bvU:/TBvJD5T2+zd96Zt/n222fEEEIQgkYT+

Score

10^/10

redline infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Injector.exe

Resource

win7-20240508-en

redline infostealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Injector.exe

Resource

win10v2004-20240611-en

redline infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

185.215.113.69:15544

Attributes

auth_value
f8fe4a8075f18f92567eec19f355197c

Targets

- Target
  
  Injector.bin
- Size
  
  2.6MB
- MD5
  
  1e927277321ea1ad6ea6adb21b93ecd8
- SHA1
  
  e9f631c34c72ba0ea2cba5e8a43a5e25971a7960
- SHA256
  
  734ea8ecd523dc64cca5a8c4c0541bef85d30caff7c5f90c68071716ed1f9957
- SHA512
  
  5f80620b7ead02fca31f65b3322a9bdbee5f17c53c5c4e957cef0c57246f1af25421a7dc8f81e1099f9a67b6d8c0da9eb09a78d5e3b7edad82be3b363aefc94f
- SSDEEP
  
  24576:eOuJEYEHyIvTv3YlYhIEY3uuMfqdKrRNFPVHKyako+LhVag+eyjtLjHuvLl3RuQi:LuJxESIvTscrDakXadeyjtGvLl3C
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy