Overview

overview

10

Static

static

3

e72e3e0f37...b6.exe

windows7-x64

3

e72e3e0f37...b6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e72e3e0f37eddc11e9003053604c7ab6.exe

  • Size

    537KB

  • Sample

    240708-j1j2vascqd

  • MD5

    e72e3e0f37eddc11e9003053604c7ab6

  • SHA1

    2c8fe866e63d022f0da0f67132d14260fc220e24

  • SHA256

    6ccec07e798b1400fdb5c6d059b4a7421333c12ec60c566d599e556cd74e53b2

  • SHA512

    10ff29c4310676f4f198baf12d087b4283bcafa846f626493e9716611b4e815df58073f37018a337654de1d382b31bc7e8ae948dbe1c77e156b89f2c5d8479ac

  • SSDEEP

    12288:GlPvulyUTwW9U9ybMSDttya3WfwsUXo0gIteVvfL/T+jtx:GlPmlyU82Df3NsUTgsCvfL6

Score
10/10
redlinelivetrafficinfostealer

Malware Config

Extracted

Family

redline

Botnet

LiveTraffic

C2

20.52.165.210:39030

Targets

    • Target

      e72e3e0f37eddc11e9003053604c7ab6.exe

    • Size

      537KB

    • MD5

      e72e3e0f37eddc11e9003053604c7ab6

    • SHA1

      2c8fe866e63d022f0da0f67132d14260fc220e24

    • SHA256

      6ccec07e798b1400fdb5c6d059b4a7421333c12ec60c566d599e556cd74e53b2

    • SHA512

      10ff29c4310676f4f198baf12d087b4283bcafa846f626493e9716611b4e815df58073f37018a337654de1d382b31bc7e8ae948dbe1c77e156b89f2c5d8479ac

    • SSDEEP

      12288:GlPvulyUTwW9U9ybMSDttya3WfwsUXo0gIteVvfL/T+jtx:GlPmlyU82Df3NsUTgsCvfL6

    Score
    10/10
    redlinelivetrafficinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks