redline | 275b527d14d8cfd6494cda04718e8e77a05a8779d034119d1772590be6257348 | Triage

Sharing

General

Target

46AF013AC14876AB502AEF13540BD007.exe
Size

65KB
Sample

210323-5rzdbkcqwe
MD5

46af013ac14876ab502aef13540bd007
SHA1

5ced5ae95a3d4a302204a9c223e1ff0f0d161bd8
SHA256

275b527d14d8cfd6494cda04718e8e77a05a8779d034119d1772590be6257348
SHA512

48ec87b9d9ba3ca6f3fe4b5835ddca2c94d07baf9ccb1707d11af978859a41e770627ae99bf4d528c76b5ee13c6df0769cfddc12f15680f5d201f27023ecae63

Score

10^/10

redline infostealer

Malware Config

Targets

- Target
  
  46AF013AC14876AB502AEF13540BD007.exe
- Size
  
  65KB
- MD5
  
  46af013ac14876ab502aef13540bd007
- SHA1
  
  5ced5ae95a3d4a302204a9c223e1ff0f0d161bd8
- SHA256
  
  275b527d14d8cfd6494cda04718e8e77a05a8779d034119d1772590be6257348
- SHA512
  
  48ec87b9d9ba3ca6f3fe4b5835ddca2c94d07baf9ccb1707d11af978859a41e770627ae99bf4d528c76b5ee13c6df0769cfddc12f15680f5d201f27023ecae63
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer