redline | 1ef621e8245ec8491cc94bb00174f2aa4e03f6aed19dbbcb45a8f2d0f22b79fa | Triage

Submit
Reports

Overview

overview

Static

static

Промо...о.scr

windows7_x64

Промо...о.scr

windows10_x64

Resubmissions

18-01-2021 10:14

210118-5dx6bwq5ea 10

Sharing

General

Target

Промо видео.rar
Size

39KB
Sample

210118-5dx6bwq5ea
MD5

f17ee640412c509c42ed5095689b3bfd
SHA1

496caedc2adf6e678ae9d41b12eae13d3c2fdaaf
SHA256

1ef621e8245ec8491cc94bb00174f2aa4e03f6aed19dbbcb45a8f2d0f22b79fa
SHA512

a6741e0df98fd1f6becaa25c560b97c1a00a2a07c7d3ebaa165019a6687a754429076683bba7a3ab9a3ac857933eb46217926df4cac7b6afb5852aecb9ea06e8

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

Промо видео.scr

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Промо видео.scr

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Промо видео.scr
- Size
  
  432.3MB
- MD5
  
  57ba38e708457ee2da813c3850e5f006
- SHA1
  
  5dabfffcdddf977f08ced56c5ad9b6a9d3a7a3ff
- SHA256
  
  5024e727e7385405534c4849149450f67b4ba7bc0f55444d49ebddc9dd853b4f
- SHA512
  
  66be83ad6db74fb0966456f508d1205dd82727e544975494edb0b4e7e93f27669344335713efe3c42fae742691ebf30a7a0c849196391e2e3fa8503ed185c925
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy