redline | 0ecd4a0cbb6f891a4f527d9df3a12fc717c946556922e3ab49ad866fcd26a15a | Triage

Submit
Reports

Overview

overview

Static

static

8

9cf85e1e2d...2a.exe

windows7_x64

9cf85e1e2d...2a.exe

windows10_x64

Sharing

General

Target

9cf85e1e2de960124dd87efe8dd0e72a.exe
Size

595KB
Sample

201228-nqh2smzf2s
MD5

9cf85e1e2de960124dd87efe8dd0e72a
SHA1

ea2d4379e3042fb6bd4271b35faf71c6c720f4ff
SHA256

0ecd4a0cbb6f891a4f527d9df3a12fc717c946556922e3ab49ad866fcd26a15a
SHA512

bc6a368fef8c1d5d90ba83f51cede7553d703d4b80a6aa82592c8385c2f7392f2c28ab3cd3afc69d96b86e2ff736f2f8a4607fb7128f87013d6501252b7d3a57

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

9cf85e1e2de960124dd87efe8dd0e72a.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9cf85e1e2de960124dd87efe8dd0e72a.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9cf85e1e2de960124dd87efe8dd0e72a.exe
- Size
  
  595KB
- MD5
  
  9cf85e1e2de960124dd87efe8dd0e72a
- SHA1
  
  ea2d4379e3042fb6bd4271b35faf71c6c720f4ff
- SHA256
  
  0ecd4a0cbb6f891a4f527d9df3a12fc717c946556922e3ab49ad866fcd26a15a
- SHA512
  
  bc6a368fef8c1d5d90ba83f51cede7553d703d4b80a6aa82592c8385c2f7392f2c28ab3cd3afc69d96b86e2ff736f2f8a4607fb7128f87013d6501252b7d3a57
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy