redline | cd0877c4520b3696db9393de1565caf3844f26b588244dd4bb38b149f46d3400 | Triage

Submit
Reports

Overview

overview

Static

static

2925b0ded3...f6.exe

windows7_x64

2925b0ded3...f6.exe

windows10_x64

Sharing

General

Target

2925b0ded3481c8d591953f51fc2bdf6.exe
Size

1.6MB
Sample

201214-ysv9g1pzjj
MD5

2925b0ded3481c8d591953f51fc2bdf6
SHA1

c908771ddd4e98d2e529435ed8088278bb0fd8c6
SHA256

cd0877c4520b3696db9393de1565caf3844f26b588244dd4bb38b149f46d3400
SHA512

76c334152fb722b12e6e66a76040fd1a0fcbcb4703d08435cf22d4833352df1d38c3c9ebcc69dcc759baf235c2c5c364cf5789f0b69c93a00ae55081ede5b68b

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

2925b0ded3481c8d591953f51fc2bdf6.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2925b0ded3481c8d591953f51fc2bdf6.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2925b0ded3481c8d591953f51fc2bdf6.exe
- Size
  
  1.6MB
- MD5
  
  2925b0ded3481c8d591953f51fc2bdf6
- SHA1
  
  c908771ddd4e98d2e529435ed8088278bb0fd8c6
- SHA256
  
  cd0877c4520b3696db9393de1565caf3844f26b588244dd4bb38b149f46d3400
- SHA512
  
  76c334152fb722b12e6e66a76040fd1a0fcbcb4703d08435cf22d4833352df1d38c3c9ebcc69dcc759baf235c2c5c364cf5789f0b69c93a00ae55081ede5b68b
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy