General

  • Target

    a957dc16d684fbd7e12fc87e8ee12fea.bin

  • Size

    413KB

  • Sample

    240701-dgbcpsxepm

  • MD5

    12d09eb2407d93f7150ea7e641cefcc8

  • SHA1

    4519e7018b608d47420c5471666bd0acc8b01667

  • SHA256

    16f345a38f82c3e9cb4a1e9792841b7659d0f67c645f16a26f2c6da95c186484

  • SHA512

    c96deee8e9b58f9a14c6aae6a12ae391e391e6ef4a541f79ecca5fd5d521a685143e459c4609a6fa3a032bce7a0006fdca26114fcdf11d8fea9664855126fa67

  • SSDEEP

    6144:uV2/C49eNSVV4e9s5hUhvqNoB/AA6cpyAFGauY6PDagReofpDZq1usBJP45xa:Qabsw4tKvqNoB/AtcEeuAgoEpDaJP4a

Malware Config

Extracted

  • Family

    redline

  • Botnet

    LiveTraffoc

  • C2

    4.185.56.82:42687

Targets

    • Target

      071b6c448d2546dea8caed872fca0d002f59a6b9849f0de2a565fc74b487fa37.exe

    • Size

      512KB

    • MD5

      a957dc16d684fbd7e12fc87e8ee12fea

    • SHA1

      20c73ccfdba13fd9b79c9e02432be39e48e4b37d

    • SHA256

      071b6c448d2546dea8caed872fca0d002f59a6b9849f0de2a565fc74b487fa37

    • SHA512

      fd6982587fba779d6febb84dfa65ec3e048e17733c2f01b61996bedb170bb4bb1cbb822c0dd2cf44a7e601373abaf499885b13b7957dd2a307bbd8f2120e9b3b

    • SSDEEP

      12288:4iFfKsLIh/4hBNR3lfo4T4A1i5g70dbRFpJtRSfF:40iP/E/pigb1i5Q0dbLLWf

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks