redline | 16b62d355e20b072fb8c5700f3343f873a29ace92c456f91c9217bbe211181d9 | Triage

Submit
Reports

Overview

overview

Static

static

Промо...о.scr

windows7_x64

Промо...о.scr

windows10_x64

Resubmissions

18-01-2021 10:43

210118-s6cara96qn 10

18-01-2021 10:07

210118-x1crmc9ktn 10

Sharing

General

Target

Рекламное видео.rar
Size

53.9MB
Sample

210118-s6cara96qn
MD5

9787a1160d8e64f01c20325f735d6415
SHA1

fd16e59749f8e5da1c30218679d806eff6a9170e
SHA256

16b62d355e20b072fb8c5700f3343f873a29ace92c456f91c9217bbe211181d9
SHA512

e194a8f01490ae3f725c92a6a6732352307a525f1b1db609c01c6291fc1513c285ae8bf2dcb7b01efaad337c89f6c534574972454614b8c2ac1f98e6a50edc43

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

Промо-Видео.scr

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Промо-Видео.scr

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Промо-Видео.scr
- Size
  
  53.9MB
- MD5
  
  c031fe877665cf604136837cf4c9649e
- SHA1
  
  fc5e93769e521a08bb648f97d26c77bb85b82e54
- SHA256
  
  7fe1a5c4794c3119e52398460d4ac1f5b52eb98085d5190d1afa4ddc380cc2a3
- SHA512
  
  55178c3c0c1c2e6b87746459c5c68de260437e7539fbaa3a4fe3c9e2709dea5b0e61bebdf2f5cc426d7fb59f430690a5ba2964d4a93b847f34dd03e49a45f664
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy