redline | 3a970dac31010f29159ebe7e7b86c7482095ec5c811782e4aa12eeac66554531 | Triage

Submit
Reports

Overview

overview

Static

static

919c0b25ff...63.exe

windows7_x64

919c0b25ff...63.exe

windows10_x64

Sharing

General

Target

919c0b25ff9a712e05dca28aaeacae63
Size

34KB
Sample

201117-wxmkj4c7hj
MD5

919c0b25ff9a712e05dca28aaeacae63
SHA1

8e8857b01c90465c65df203bbbd531ea1c28e81b
SHA256

3a970dac31010f29159ebe7e7b86c7482095ec5c811782e4aa12eeac66554531
SHA512

8ff095cbd231ad6c6cba93d9ffd46586516f2da9ccf1558c2b76ae85123d6cb0ce268c3894be273822501ef83755d322f859d28f45fdb9ac27927da68389f4fd

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

919c0b25ff9a712e05dca28aaeacae63.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

919c0b25ff9a712e05dca28aaeacae63.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  919c0b25ff9a712e05dca28aaeacae63
- Size
  
  34KB
- MD5
  
  919c0b25ff9a712e05dca28aaeacae63
- SHA1
  
  8e8857b01c90465c65df203bbbd531ea1c28e81b
- SHA256
  
  3a970dac31010f29159ebe7e7b86c7482095ec5c811782e4aa12eeac66554531
- SHA512
  
  8ff095cbd231ad6c6cba93d9ffd46586516f2da9ccf1558c2b76ae85123d6cb0ce268c3894be273822501ef83755d322f859d28f45fdb9ac27927da68389f4fd
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy