redline | 2eb37b1a65e93d5619e44bb3734b321c97f195a6d079386194a84a5a1617c2dc | Triage

Submit
Reports

Overview

overview

Static

static

6997c18c23...6f.exe

windows7_x64

6997c18c23...6f.exe

windows10_x64

Sharing

General

Target

6997c18c233c36c25ef1ce1227da836f.exe
Size

25KB
Sample

210125-v3fjwqy4ts
MD5

6997c18c233c36c25ef1ce1227da836f
SHA1

8f15dcd5942b3afc42b3cbb1fed2869ebe5e106b
SHA256

2eb37b1a65e93d5619e44bb3734b321c97f195a6d079386194a84a5a1617c2dc
SHA512

c48475030eb159479845c08b62879db01ebe4dec5d472f8769af34e3581f9dbf896249c982bf47facb12882cab011fe2647d37842274480d64ff7f452e3a4765

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

6997c18c233c36c25ef1ce1227da836f.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6997c18c233c36c25ef1ce1227da836f.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6997c18c233c36c25ef1ce1227da836f.exe
- Size
  
  25KB
- MD5
  
  6997c18c233c36c25ef1ce1227da836f
- SHA1
  
  8f15dcd5942b3afc42b3cbb1fed2869ebe5e106b
- SHA256
  
  2eb37b1a65e93d5619e44bb3734b321c97f195a6d079386194a84a5a1617c2dc
- SHA512
  
  c48475030eb159479845c08b62879db01ebe4dec5d472f8769af34e3581f9dbf896249c982bf47facb12882cab011fe2647d37842274480d64ff7f452e3a4765
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy