redline | c7d5dd0beceb52c4fff552eaaabea06762ef25df633576867798137dbfe8dc8d | Triage

Submit
Reports

Overview

overview

Static

static

3b334f5be4...8f.exe

windows7_x64

3b334f5be4...8f.exe

windows10_x64

Sharing

General

Target

3b334f5be40db0d3591a36a7f63c768f.exe
Size

91KB
Sample

210425-5qcsb61gha
MD5

3b334f5be40db0d3591a36a7f63c768f
SHA1

3373642d7ddbd24ce5a4781874f3be27825cd3ad
SHA256

c7d5dd0beceb52c4fff552eaaabea06762ef25df633576867798137dbfe8dc8d
SHA512

5949336ef32be032297a69f73fa3e11e464581afe5c495c972a2ee35c1699465d0317f151948d252ec64887fb76bb6886fff3f1383b57cfa902acc239eb96980

Score

10^/10

redline 3 infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

3b334f5be40db0d3591a36a7f63c768f.exe

Resource

win7v20210408

redline 3 infostealer spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3b334f5be40db0d3591a36a7f63c768f.exe

Resource

win10v20210410

redline 3 infostealer spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

3

C2

ureltodwie.xyz:80

Targets

- Target
  
  3b334f5be40db0d3591a36a7f63c768f.exe
- Size
  
  91KB
- MD5
  
  3b334f5be40db0d3591a36a7f63c768f
- SHA1
  
  3373642d7ddbd24ce5a4781874f3be27825cd3ad
- SHA256
  
  c7d5dd0beceb52c4fff552eaaabea06762ef25df633576867798137dbfe8dc8d
- SHA512
  
  5949336ef32be032297a69f73fa3e11e464581afe5c495c972a2ee35c1699465d0317f151948d252ec64887fb76bb6886fff3f1383b57cfa902acc239eb96980
Score

10^/10

redline 3 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline3infostealerspyware

behavioral2

redline3infostealerspyware

© 2018-2024

Terms | Privacy