redline | b21fa02c5d7df615fa1bc6409c38f13443719a4d8170df69574907c147e8c252 | Triage

Submit
Reports

Overview

overview

Static

static

8

6e9f4fd219...d6.exe

windows7_x64

6e9f4fd219...d6.exe

windows10_x64

Sharing

General

Target

6e9f4fd219d3de61c025eca7548b1dd6.exe
Size

594KB
Sample

201228-8mqcvezfe2
MD5

6e9f4fd219d3de61c025eca7548b1dd6
SHA1

9010edd4582d91b7a74a63615b870d4e2df91c97
SHA256

b21fa02c5d7df615fa1bc6409c38f13443719a4d8170df69574907c147e8c252
SHA512

97ecba12b1fd9bc67b5ddcb44dc86beeef254b47dc47d089b89d351a7296445edffdbe7b84ebbe71034ec72fe20b8a3a1dc0824509a11d663b22c27021b61985

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

6e9f4fd219d3de61c025eca7548b1dd6.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6e9f4fd219d3de61c025eca7548b1dd6.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6e9f4fd219d3de61c025eca7548b1dd6.exe
- Size
  
  594KB
- MD5
  
  6e9f4fd219d3de61c025eca7548b1dd6
- SHA1
  
  9010edd4582d91b7a74a63615b870d4e2df91c97
- SHA256
  
  b21fa02c5d7df615fa1bc6409c38f13443719a4d8170df69574907c147e8c252
- SHA512
  
  97ecba12b1fd9bc67b5ddcb44dc86beeef254b47dc47d089b89d351a7296445edffdbe7b84ebbe71034ec72fe20b8a3a1dc0824509a11d663b22c27021b61985
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy