redline | 08a55d793d956d77f0d7680985805e82dffdb387d8e000e6c6c8c8dc1e224f4f | Triage

Sharing

General

Target

08A55D793D956D77F0D7680985805E82DFFDB387D8E00.exe
Size

185KB
Sample

210408-132q7xk63s
MD5

e2ae17aba0a20dd000136e6569ecb91d
SHA1

daae8944d674adbaecc16fcefc7fabeb602cc942
SHA256

08a55d793d956d77f0d7680985805e82dffdb387d8e000e6c6c8c8dc1e224f4f
SHA512

5e484692f279e12f61f0017448e618107ed233cb0cf63445e5ea83bbc2ed6043c13588b14f587b1d8197d96fb4a09dc1ae8e444b353b3781907c1732744366b5

Score

10^/10

redline adobe character animator 2020 discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

Adobe Character Animator 2020

C2

94.103.85.106:35200

Targets

- Target
  
  08A55D793D956D77F0D7680985805E82DFFDB387D8E00.exe
- Size
  
  185KB
- MD5
  
  e2ae17aba0a20dd000136e6569ecb91d
- SHA1
  
  daae8944d674adbaecc16fcefc7fabeb602cc942
- SHA256
  
  08a55d793d956d77f0d7680985805e82dffdb387d8e000e6c6c8c8dc1e224f4f
- SHA512
  
  5e484692f279e12f61f0017448e618107ed233cb0cf63445e5ea83bbc2ed6043c13588b14f587b1d8197d96fb4a09dc1ae8e444b353b3781907c1732744366b5
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

adobe character animator 2020redline

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinediscoveryinfostealerspywarestealer