redline | feea736830ca5f27a8bceb7f9ffd01218bbc7301b5d8d3ab5e0716471e5f8ad5 | Triage

Submit
Reports

Overview

overview

Static

static

forderung.pdf.exe

windows7_x64

forderung.pdf.exe

windows10_x64

Sharing

General

Target

forderung.pdf.exe
Size

265KB
Sample

210131-a1vd3mj52n
MD5

e6de6f3450a5dbfc9299a582e74ab242
SHA1

3ecca1133b89e1032b8c77774089accf9ea2af85
SHA256

feea736830ca5f27a8bceb7f9ffd01218bbc7301b5d8d3ab5e0716471e5f8ad5
SHA512

a63f49e5da3bb6153c790272310f288d3e5cbffe23f2d33b30ca6f0911c8728cc09abd2974e1c100172799ea8bb164713ab81bd7b5cb126dbe95d6b1ce1fa472

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

forderung.pdf.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

forderung.pdf.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  forderung.pdf.exe
- Size
  
  265KB
- MD5
  
  e6de6f3450a5dbfc9299a582e74ab242
- SHA1
  
  3ecca1133b89e1032b8c77774089accf9ea2af85
- SHA256
  
  feea736830ca5f27a8bceb7f9ffd01218bbc7301b5d8d3ab5e0716471e5f8ad5
- SHA512
  
  a63f49e5da3bb6153c790272310f288d3e5cbffe23f2d33b30ca6f0911c8728cc09abd2974e1c100172799ea8bb164713ab81bd7b5cb126dbe95d6b1ce1fa472
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy