redline | 79d5b3a1a8b602ecb6ffb87e5c42acdaa4403e81cb3dcf859e573392c2350dc0 | Triage

Submit
Reports

Overview

overview

Static

static

a1182b4676...85.exe

windows7_x64

a1182b4676...85.exe

windows10_x64

Sharing

General

Target

a1182b4676f7830192db7e7e030e3a85.exe
Size

21KB
Sample

210215-k91b1cdcen
MD5

a1182b4676f7830192db7e7e030e3a85
SHA1

0f97efe75ef111f5ae8f4141a4d32bb2cbaf7ced
SHA256

79d5b3a1a8b602ecb6ffb87e5c42acdaa4403e81cb3dcf859e573392c2350dc0
SHA512

3df830a7d4fd0fa27f1d07a47bb0f74533ed6ae06c63e7abdaa84b8cb56e931a0c8032dd5b281e0c2fde44a210c5416ad8f7a29e186bbd099702a34e93822192

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

a1182b4676f7830192db7e7e030e3a85.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a1182b4676f7830192db7e7e030e3a85.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a1182b4676f7830192db7e7e030e3a85.exe
- Size
  
  21KB
- MD5
  
  a1182b4676f7830192db7e7e030e3a85
- SHA1
  
  0f97efe75ef111f5ae8f4141a4d32bb2cbaf7ced
- SHA256
  
  79d5b3a1a8b602ecb6ffb87e5c42acdaa4403e81cb3dcf859e573392c2350dc0
- SHA512
  
  3df830a7d4fd0fa27f1d07a47bb0f74533ed6ae06c63e7abdaa84b8cb56e931a0c8032dd5b281e0c2fde44a210c5416ad8f7a29e186bbd099702a34e93822192
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy