redline | 887084bcfd243d9c685a80c8b94ff04b56936b6a282988a2488463ba70e7d054 | Triage

Submit
Reports

Overview

overview

Static

static

ec66eab3f9...fb.exe

windows7_x64

ec66eab3f9...fb.exe

windows10_x64

Sharing

General

Target

ec66eab3f9fa5acc44e03c63d0de39fb.exe
Size

24KB
Sample

210210-mcymdfl4qe
MD5

ec66eab3f9fa5acc44e03c63d0de39fb
SHA1

1f2de778b6345c7e37e902fe3f0a0e53ec442b5a
SHA256

887084bcfd243d9c685a80c8b94ff04b56936b6a282988a2488463ba70e7d054
SHA512

f5341d1906ee99127515f89d273292ad8cb278319374fe5b16bd0c805794613dadaa2a0cc1b040fd44b45ff92864738da6ed6a3840b647bb301fa3b70b082527

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

ec66eab3f9fa5acc44e03c63d0de39fb.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ec66eab3f9fa5acc44e03c63d0de39fb.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ec66eab3f9fa5acc44e03c63d0de39fb.exe
- Size
  
  24KB
- MD5
  
  ec66eab3f9fa5acc44e03c63d0de39fb
- SHA1
  
  1f2de778b6345c7e37e902fe3f0a0e53ec442b5a
- SHA256
  
  887084bcfd243d9c685a80c8b94ff04b56936b6a282988a2488463ba70e7d054
- SHA512
  
  f5341d1906ee99127515f89d273292ad8cb278319374fe5b16bd0c805794613dadaa2a0cc1b040fd44b45ff92864738da6ed6a3840b647bb301fa3b70b082527
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy