redline | c232852e4e9603993be57f83b228d67a91612156b063bbcf3fef49d4dd0bbb35 | Triage

Submit
Reports

Overview

overview

Static

static

889960187.exe

windows7_x64

889960187.exe

windows10_x64

Sharing

General

Target

889960187.exe
Size

32KB
Sample

210121-q3eccra8cj
MD5

34cacdc9dc8c314b8cad540d8376b412
SHA1

7eb97309285a88390366eda1c37b18327da4e8eb
SHA256

c232852e4e9603993be57f83b228d67a91612156b063bbcf3fef49d4dd0bbb35
SHA512

4772c68e196cbb3b01a6aa93630cd6eeb7f764b4f132c1b791fa02ef3369460453e1533bd4b67ec36290930768e249b062c54a4375ecd11f7bbc83499c1b8a14

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

889960187.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

889960187.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  889960187.exe
- Size
  
  32KB
- MD5
  
  34cacdc9dc8c314b8cad540d8376b412
- SHA1
  
  7eb97309285a88390366eda1c37b18327da4e8eb
- SHA256
  
  c232852e4e9603993be57f83b228d67a91612156b063bbcf3fef49d4dd0bbb35
- SHA512
  
  4772c68e196cbb3b01a6aa93630cd6eeb7f764b4f132c1b791fa02ef3369460453e1533bd4b67ec36290930768e249b062c54a4375ecd11f7bbc83499c1b8a14
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy