redline | 2b14c418ece19eda5bffd6234b71eb9b60eb9f07c80a3850fb7371fed92ad63f | Triage

Submit
Reports

Overview

overview

Static

static

14d9e9e299...7d.exe

windows7_x64

14d9e9e299...7d.exe

windows10_x64

Sharing

General

Target

14d9e9e29951389651ada7196394637d.exe
Size

18KB
Sample

201215-fspz4zpcks
MD5

14d9e9e29951389651ada7196394637d
SHA1

50163e90ff9d1921ca5a5097634f25124a6b50fb
SHA256

2b14c418ece19eda5bffd6234b71eb9b60eb9f07c80a3850fb7371fed92ad63f
SHA512

a181003d761574d40155ee39bf355c41a39ef6033eb91d5ca8f78569e37f2204a7ee79fbcf50027325297f5f59b0ee49bef70bbd7157a32aa38ca0f92e540915

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

14d9e9e29951389651ada7196394637d.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

14d9e9e29951389651ada7196394637d.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  14d9e9e29951389651ada7196394637d.exe
- Size
  
  18KB
- MD5
  
  14d9e9e29951389651ada7196394637d
- SHA1
  
  50163e90ff9d1921ca5a5097634f25124a6b50fb
- SHA256
  
  2b14c418ece19eda5bffd6234b71eb9b60eb9f07c80a3850fb7371fed92ad63f
- SHA512
  
  a181003d761574d40155ee39bf355c41a39ef6033eb91d5ca8f78569e37f2204a7ee79fbcf50027325297f5f59b0ee49bef70bbd7157a32aa38ca0f92e540915
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy