redline | 1ef621e8245ec8491cc94bb00174f2aa4e03f6aed19dbbcb45a8f2d0f22b79fa | Triage

Submit
Reports

Overview

overview

Static

static

Промо...о.scr

windows7_x64

Промо...о.scr

windows10_x64

Resubmissions

18-01-2021 10:14

210118-5dx6bwq5ea 10

Sharing

General

Target

Промо видео.rar
Size

39KB
Sample

210118-5dx6bwq5ea
MD5

f17ee640412c509c42ed5095689b3bfd
SHA1

496caedc2adf6e678ae9d41b12eae13d3c2fdaaf
SHA256

1ef621e8245ec8491cc94bb00174f2aa4e03f6aed19dbbcb45a8f2d0f22b79fa
SHA512

a6741e0df98fd1f6becaa25c560b97c1a00a2a07c7d3ebaa165019a6687a754429076683bba7a3ab9a3ac857933eb46217926df4cac7b6afb5852aecb9ea06e8

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

Промо видео.scr

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Промо видео.scr

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Промо видео.scr
- Size
  
  432.3MB
- MD5
  
  57ba38e708457ee2da813c3850e5f006
- SHA1
  
  5dabfffcdddf977f08ced56c5ad9b6a9d3a7a3ff
- SHA256
  
  5024e727e7385405534c4849149450f67b4ba7bc0f55444d49ebddc9dd853b4f
- SHA512
  
  66be83ad6db74fb0966456f508d1205dd82727e544975494edb0b4e7e93f27669344335713efe3c42fae742691ebf30a7a0c849196391e2e3fa8503ed185c925
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy