redline | 3d402a866fb1dc18d7eaaa64013502d3184c25b9f5c93bfa916b5d15cda34a11 | Triage

Submit
Reports

Overview

overview

Static

static

1bece3fc71...d3.exe

windows7_x64

1bece3fc71...d3.exe

windows10_x64

Sharing

General

Target

1bece3fc719dffcc6b9d02256a39c0d3.exe
Size

590KB
Sample

201222-d5v3kl6rxx
MD5

1bece3fc719dffcc6b9d02256a39c0d3
SHA1

f6e9418f9f1c172518e2fe5cd10b1d94e26c9c30
SHA256

3d402a866fb1dc18d7eaaa64013502d3184c25b9f5c93bfa916b5d15cda34a11
SHA512

b8bb2937917bbe8c6f293d493712fcfb13cd89c3b99b070bb264d9f5f4ad710bc11023ec3b3d1accbf172509416de09b68199bc5a6cf291a3d46a0a2e325e74a

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

1bece3fc719dffcc6b9d02256a39c0d3.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1bece3fc719dffcc6b9d02256a39c0d3.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1bece3fc719dffcc6b9d02256a39c0d3.exe
- Size
  
  590KB
- MD5
  
  1bece3fc719dffcc6b9d02256a39c0d3
- SHA1
  
  f6e9418f9f1c172518e2fe5cd10b1d94e26c9c30
- SHA256
  
  3d402a866fb1dc18d7eaaa64013502d3184c25b9f5c93bfa916b5d15cda34a11
- SHA512
  
  b8bb2937917bbe8c6f293d493712fcfb13cd89c3b99b070bb264d9f5f4ad710bc11023ec3b3d1accbf172509416de09b68199bc5a6cf291a3d46a0a2e325e74a
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy