redline | a77694d524cba3de7f828ee3c2a19308a6da5fafdb4c3320c083e2f681e9832d | Triage

Sharing

General

Target

0b781d805d90743544803c2159e368f7.exe
Size

26KB
Sample

210319-sbxa7q9zda
MD5

0b781d805d90743544803c2159e368f7
SHA1

bdd041b20f5e1a839081ea89ba5a7fe110d7a26b
SHA256

a77694d524cba3de7f828ee3c2a19308a6da5fafdb4c3320c083e2f681e9832d
SHA512

31db82e9a47b64a8a8ca23787cfd39bca83d1cb6addb095752a17755d6a855dadafc7c45be55c962c9677d56aa60473d97a6bdf4164209f1c0e6b40e18d3c4bb

Score

10^/10

redline infostealer

Malware Config

Targets

- Target
  
  0b781d805d90743544803c2159e368f7.exe
- Size
  
  26KB
- MD5
  
  0b781d805d90743544803c2159e368f7
- SHA1
  
  bdd041b20f5e1a839081ea89ba5a7fe110d7a26b
- SHA256
  
  a77694d524cba3de7f828ee3c2a19308a6da5fafdb4c3320c083e2f681e9832d
- SHA512
  
  31db82e9a47b64a8a8ca23787cfd39bca83d1cb6addb095752a17755d6a855dadafc7c45be55c962c9677d56aa60473d97a6bdf4164209f1c0e6b40e18d3c4bb
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer