redline | 60a4e3f1d748ace4e6b82ba68fce30bf35b0f2e6bbbb9aa1e8d690c7406b744d | Triage

Submit
Reports

Overview

overview

Static

static

cbdd853150...67.exe

windows7_x64

cbdd853150...67.exe

windows10_x64

Sharing

General

Target

cbdd85315022d3c984a95c7c89c62167.exe
Size

20KB
Sample

210215-368fjg9mej
MD5

cbdd85315022d3c984a95c7c89c62167
SHA1

5556eee0f033dfcd035049e514fa16c465bddfa7
SHA256

60a4e3f1d748ace4e6b82ba68fce30bf35b0f2e6bbbb9aa1e8d690c7406b744d
SHA512

e6ab87ff2facdc6e1bb78dfdb1c517a791934d9baa8ffc83ff90bad4a240609798f197ccb171d2edfb608edb71a134d678849c8addaaed7a6a29896834f6006a

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

cbdd85315022d3c984a95c7c89c62167.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cbdd85315022d3c984a95c7c89c62167.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  cbdd85315022d3c984a95c7c89c62167.exe
- Size
  
  20KB
- MD5
  
  cbdd85315022d3c984a95c7c89c62167
- SHA1
  
  5556eee0f033dfcd035049e514fa16c465bddfa7
- SHA256
  
  60a4e3f1d748ace4e6b82ba68fce30bf35b0f2e6bbbb9aa1e8d690c7406b744d
- SHA512
  
  e6ab87ff2facdc6e1bb78dfdb1c517a791934d9baa8ffc83ff90bad4a240609798f197ccb171d2edfb608edb71a134d678849c8addaaed7a6a29896834f6006a
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy