redline | 48fa9c51e38f1ddb49c199aa73f2963fa61ffd08656fdebf937818edb4fffee5 | Triage

Sharing

General

Target

1691693f16e500f8f69002c23ea3fee8.exe
Size

27KB
Sample

210323-p96cd8pwna
MD5

1691693f16e500f8f69002c23ea3fee8
SHA1

6f77794ed1ee85e6fd9dd299c101ea1a30e0de2e
SHA256

48fa9c51e38f1ddb49c199aa73f2963fa61ffd08656fdebf937818edb4fffee5
SHA512

dd755badf8714f3d2d40624ded4135b3de610dffc005e72e18bea3d78f0c67fea8853cb6c249856b31d5cd70e7c7f11fa57d138c6b29dd9791c6777bc37ab7a6

Score

10^/10

redline infostealer

Malware Config

Targets

- Target
  
  1691693f16e500f8f69002c23ea3fee8.exe
- Size
  
  27KB
- MD5
  
  1691693f16e500f8f69002c23ea3fee8
- SHA1
  
  6f77794ed1ee85e6fd9dd299c101ea1a30e0de2e
- SHA256
  
  48fa9c51e38f1ddb49c199aa73f2963fa61ffd08656fdebf937818edb4fffee5
- SHA512
  
  dd755badf8714f3d2d40624ded4135b3de610dffc005e72e18bea3d78f0c67fea8853cb6c249856b31d5cd70e7c7f11fa57d138c6b29dd9791c6777bc37ab7a6
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer