redline | c96f35457cc26c36104f053cb445c0835ead6434c3ce57adaae7911b2ab51d5c | Triage

Submit
Reports

Static

static

8

da0baba4a7...45.exe

windows7_x64

da0baba4a7...45.exe

windows10_x64

Sharing

General

Target

da0baba4a78ada89b12bb09154ce8845.exe
Size

594KB
Sample

201228-pygjayv3ts
MD5

da0baba4a78ada89b12bb09154ce8845
SHA1

3093fb1feace2a89311923c283083e61ef47cde8
SHA256

c96f35457cc26c36104f053cb445c0835ead6434c3ce57adaae7911b2ab51d5c
SHA512

932709db0d24285e220253bbb0262322dbd567fc77888541a0664d1604eae3221017471c0b401be1196a3fd428c03d28153a2a41cf89482465485ab93d8ae527

Score

10^/10

redline infostealer upx

Static task

static1

Behavioral task

behavioral1

Sample

da0baba4a78ada89b12bb09154ce8845.exe

Resource

win7v20201028

redline infostealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

da0baba4a78ada89b12bb09154ce8845.exe

Resource

win10v20201028

redline infostealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  da0baba4a78ada89b12bb09154ce8845.exe
- Size
  
  594KB
- MD5
  
  da0baba4a78ada89b12bb09154ce8845
- SHA1
  
  3093fb1feace2a89311923c283083e61ef47cde8
- SHA256
  
  c96f35457cc26c36104f053cb445c0835ead6434c3ce57adaae7911b2ab51d5c
- SHA512
  
  932709db0d24285e220253bbb0262322dbd567fc77888541a0664d1604eae3221017471c0b401be1196a3fd428c03d28153a2a41cf89482465485ab93d8ae527
Score

10^/10

redline infostealer upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerupx

behavioral2

redlineinfostealerupx

© 2018-2024

Terms | Privacy