redline | d94be77dfbd21d042637633b3dbbe689953c9385f011746cca6dd253cfa1c133 | Triage

Sharing

General

Target

quote.pdf.exe
Size

309KB
Sample

210112-nlw8tx2lqx
MD5

be7efa251dc44d2c405753a986548636
SHA1

d5dc3af04e1b0ef18d27d51867f9f89892137035
SHA256

d94be77dfbd21d042637633b3dbbe689953c9385f011746cca6dd253cfa1c133
SHA512

4b6fe8b33806133bb534838967ae92b13aafb5b31b6222b340ac8f4f683618ee374dfd0481c727f11776ea62a5773432d1be7eeb5e1bb75c8baca786af5ca515

Score

10^/10

redline discovery infostealer spyware

Malware Config

Targets

- Target
  
  quote.pdf.exe
- Size
  
  309KB
- MD5
  
  be7efa251dc44d2c405753a986548636
- SHA1
  
  d5dc3af04e1b0ef18d27d51867f9f89892137035
- SHA256
  
  d94be77dfbd21d042637633b3dbbe689953c9385f011746cca6dd253cfa1c133
- SHA512
  
  4b6fe8b33806133bb534838967ae92b13aafb5b31b6222b340ac8f4f683618ee374dfd0481c727f11776ea62a5773432d1be7eeb5e1bb75c8baca786af5ca515
Score

10^/10

redline discovery infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspyware

behavioral2

redlinediscoveryinfostealerspyware