redline | e07e702d1247fd8b230d21bba94b581f65f27e811c59a28896fcea29ddb3d2de | Triage

Submit
Reports

Overview

overview

Static

static

be1af4ebc3...65.exe

windows7_x64

be1af4ebc3...65.exe

windows10_x64

Sharing

General

Target

be1af4ebc3fa60141274956ad3593f65.exe
Size

530KB
Sample

210219-rnmp2pnycn
MD5

be1af4ebc3fa60141274956ad3593f65
SHA1

1305d884c0b647efb21ea6eaf87158efe8bb958f
SHA256

e07e702d1247fd8b230d21bba94b581f65f27e811c59a28896fcea29ddb3d2de
SHA512

796a9618260ddfc6a82c2a86f954e7eb01d4eb86d98f59a9ea0d3b2eabed67d5ca51f9aa755ed50647ad2ba6d2e1f2d62d9688a44998be9d2e27d34b3e392396

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

be1af4ebc3fa60141274956ad3593f65.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

be1af4ebc3fa60141274956ad3593f65.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  be1af4ebc3fa60141274956ad3593f65.exe
- Size
  
  530KB
- MD5
  
  be1af4ebc3fa60141274956ad3593f65
- SHA1
  
  1305d884c0b647efb21ea6eaf87158efe8bb958f
- SHA256
  
  e07e702d1247fd8b230d21bba94b581f65f27e811c59a28896fcea29ddb3d2de
- SHA512
  
  796a9618260ddfc6a82c2a86f954e7eb01d4eb86d98f59a9ea0d3b2eabed67d5ca51f9aa755ed50647ad2ba6d2e1f2d62d9688a44998be9d2e27d34b3e392396
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy