redline | add432dca76d9ae5e7883d7fccba10211cbf0a6b2f694af0edc37a679739f375 | Triage

Submit
Reports

Overview

overview

Static

static

8

a911862b8e...6b.exe

windows7_x64

a911862b8e...6b.exe

windows10_x64

Sharing

General

Target

a911862b8e009e674d018aaff16a326b.exe
Size

595KB
Sample

201228-chzjej26ws
MD5

a911862b8e009e674d018aaff16a326b
SHA1

03537444d8d5fee6c3a86cd5ee86a33cba1deeca
SHA256

add432dca76d9ae5e7883d7fccba10211cbf0a6b2f694af0edc37a679739f375
SHA512

903e7d5299d2c84f0a2cf2eeec77f48f0aaf0f0bb4947cddddca1667c0721b2ccb38c36573c125ef37f5bb33b9ab6003030fe2606db647d39c8bbab3ee090b02

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

a911862b8e009e674d018aaff16a326b.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a911862b8e009e674d018aaff16a326b.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a911862b8e009e674d018aaff16a326b.exe
- Size
  
  595KB
- MD5
  
  a911862b8e009e674d018aaff16a326b
- SHA1
  
  03537444d8d5fee6c3a86cd5ee86a33cba1deeca
- SHA256
  
  add432dca76d9ae5e7883d7fccba10211cbf0a6b2f694af0edc37a679739f375
- SHA512
  
  903e7d5299d2c84f0a2cf2eeec77f48f0aaf0f0bb4947cddddca1667c0721b2ccb38c36573c125ef37f5bb33b9ab6003030fe2606db647d39c8bbab3ee090b02
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy