redline | 45c3f3af9f9d0c905dcb43df313ecf62364fa7cbab78236a3c049700556b1d63 | Triage

Submit
Reports

Overview

overview

Static

static

1a2b2090b8...13.exe

windows7_x64

1a2b2090b8...13.exe

windows10_x64

Sharing

General

Target

1a2b2090b89823316ac5cb2f242a0213.exe
Size

243KB
Sample

201209-rhvv2j9zlj
MD5

1a2b2090b89823316ac5cb2f242a0213
SHA1

da0f490f21bda3d8c0fc0743981f5e4420a7bdc9
SHA256

45c3f3af9f9d0c905dcb43df313ecf62364fa7cbab78236a3c049700556b1d63
SHA512

2a815c327403b552669565a800d5b74d2d3669f8ce936ef7c6a56167ea0e5b824bcec3234babb2a4bc77799b77a92be6fb09602daaafd7c024f853677b2478b9

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

1a2b2090b89823316ac5cb2f242a0213.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1a2b2090b89823316ac5cb2f242a0213.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1a2b2090b89823316ac5cb2f242a0213.exe
- Size
  
  243KB
- MD5
  
  1a2b2090b89823316ac5cb2f242a0213
- SHA1
  
  da0f490f21bda3d8c0fc0743981f5e4420a7bdc9
- SHA256
  
  45c3f3af9f9d0c905dcb43df313ecf62364fa7cbab78236a3c049700556b1d63
- SHA512
  
  2a815c327403b552669565a800d5b74d2d3669f8ce936ef7c6a56167ea0e5b824bcec3234babb2a4bc77799b77a92be6fb09602daaafd7c024f853677b2478b9
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy