redline | 8d2e3cb6a7ee561bafe29716d678dd185419a969537eeaeb93a048b930895c9f | Triage

Submit
Reports

Overview

overview

Static

static

8

0f64dfaa81...1c.exe

windows7_x64

0f64dfaa81...1c.exe

windows10_x64

Sharing

General

Target

0f64dfaa815081f110456e9894a7771c.exe
Size

594KB
Sample

201228-85f4rtn9la
MD5

0f64dfaa815081f110456e9894a7771c
SHA1

2d32280b058eefc202ec725b3fa644e9d657960b
SHA256

8d2e3cb6a7ee561bafe29716d678dd185419a969537eeaeb93a048b930895c9f
SHA512

249caa13cadedf9cd945d165998e101821916c3ca40daf274c502ae7266400011f9bbb25d6c98972b7ad4f8af14648a364da4d5bbbcf102e1fa4e234b5a84f10

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

0f64dfaa815081f110456e9894a7771c.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0f64dfaa815081f110456e9894a7771c.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0f64dfaa815081f110456e9894a7771c.exe
- Size
  
  594KB
- MD5
  
  0f64dfaa815081f110456e9894a7771c
- SHA1
  
  2d32280b058eefc202ec725b3fa644e9d657960b
- SHA256
  
  8d2e3cb6a7ee561bafe29716d678dd185419a969537eeaeb93a048b930895c9f
- SHA512
  
  249caa13cadedf9cd945d165998e101821916c3ca40daf274c502ae7266400011f9bbb25d6c98972b7ad4f8af14648a364da4d5bbbcf102e1fa4e234b5a84f10
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy