redline | 7dd8274d9c755c46f84c814722ea8dfc23ee9b974723c0f0cc94be39df080f55 | Triage

Submit
Reports

Overview

overview

Static

static

9fba94f364...64.exe

windows7_x64

9fba94f364...64.exe

windows10_x64

Sharing

General

Target

9fba94f364070b04c0fdb8571f9e3d64.zip
Size

99KB
Sample

210311-lh6mgn62tn
MD5

bead6684552e2a78668bb41744042732
SHA1

9bbf77cd8a75428796b2a4a9e8cf0c25aca29d61
SHA256

7dd8274d9c755c46f84c814722ea8dfc23ee9b974723c0f0cc94be39df080f55
SHA512

98959fdd36680f2d5809d624a199f98f3073af8152bba53e5e50077fde19cde5e07c7a9c860b426d14c9c3d685435e00e178f78fe856cb63fbd5e4d90dc1b3d2

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

9fba94f364070b04c0fdb8571f9e3d64.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9fba94f364070b04c0fdb8571f9e3d64.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9fba94f364070b04c0fdb8571f9e3d64
- Size
  
  159KB
- MD5
  
  9fba94f364070b04c0fdb8571f9e3d64
- SHA1
  
  77f8f9f82d5df03dc30f6fc57f76d915bd4a55a5
- SHA256
  
  b31f3cc34aeb0e3049bfacb9d08adaca44c44ddf41d47c8132fd52c4b5103cc4
- SHA512
  
  ebff32e496d5f9175795b0127eee79ccb25ff0de9eaa2f8d3107ac0a32f751f30a0cac04e36966a29f2cc15814e8df9021338262650bf312f3598ede17fa1e59
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy