redline | dac87834202c054525c35d38d12c32dd18ac8b9b45b5d11f340fae8f6a287414 | Triage

Sharing

General

Target

5990bc0ea66f7d93280aa056f70f8c69.exe
Size

27KB
Sample

210319-ldfevfnb6a
MD5

5990bc0ea66f7d93280aa056f70f8c69
SHA1

723bd1c2e99c9c4625d08971ea2fd7a3308cc5f2
SHA256

dac87834202c054525c35d38d12c32dd18ac8b9b45b5d11f340fae8f6a287414
SHA512

9f85b9fb72580c2d338933cecec9cdeacc9eebeae5deb2716084d3a2f7eba799d4e813b52027fba01eb329ed7933a7cb90ec7d1245ec26c99fca7ce6d5b1e051

Score

10^/10

redline infostealer

Malware Config

Targets

- Target
  
  5990bc0ea66f7d93280aa056f70f8c69.exe
- Size
  
  27KB
- MD5
  
  5990bc0ea66f7d93280aa056f70f8c69
- SHA1
  
  723bd1c2e99c9c4625d08971ea2fd7a3308cc5f2
- SHA256
  
  dac87834202c054525c35d38d12c32dd18ac8b9b45b5d11f340fae8f6a287414
- SHA512
  
  9f85b9fb72580c2d338933cecec9cdeacc9eebeae5deb2716084d3a2f7eba799d4e813b52027fba01eb329ed7933a7cb90ec7d1245ec26c99fca7ce6d5b1e051
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer