redline | af32fb5cf9a15d419da3f6f33370de5aa3e4b81975348743f37b45a55da0f621 | Triage

Submit
Reports

Overview

overview

Static

static

8

SecuriteIn...32.exe

windows7_x64

SecuriteIn...32.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Artemis95AEA26966CF.21232
Size

699KB
Sample

201224-8qsm44jd36
MD5

95aea26966cfd94893c3abd8b951c364
SHA1

77734c4e87f2af6fc25d7e9971e75bf71f08bd98
SHA256

af32fb5cf9a15d419da3f6f33370de5aa3e4b81975348743f37b45a55da0f621
SHA512

35e137d47233ed16601c9f7de54f8078d8698e3dbe1b7acce5de4109a3f886126ba52db397e3768347b253e833b29fe7d761ca6867678f5a000db45393712737

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Artemis95AEA26966CF.21232.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Artemis95AEA26966CF.21232.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Artemis95AEA26966CF.21232
- Size
  
  699KB
- MD5
  
  95aea26966cfd94893c3abd8b951c364
- SHA1
  
  77734c4e87f2af6fc25d7e9971e75bf71f08bd98
- SHA256
  
  af32fb5cf9a15d419da3f6f33370de5aa3e4b81975348743f37b45a55da0f621
- SHA512
  
  35e137d47233ed16601c9f7de54f8078d8698e3dbe1b7acce5de4109a3f886126ba52db397e3768347b253e833b29fe7d761ca6867678f5a000db45393712737
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy