redline | ced4db50a857760c1f68b6bf53026b63ef3611a7287aee75516963767e3413ae | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

ced4db50a857760c1f68b6bf53026b63ef3611a7287aee75516963767e3413ae
Size

656KB
Sample

211109-qh6apafcg3
MD5

3809f4a381c0f6da1c9bcecf01c66684
SHA1

5c157fd28ba9fe3a0841beb8ed912e550a67ce89
SHA256

ced4db50a857760c1f68b6bf53026b63ef3611a7287aee75516963767e3413ae
SHA512

2bd22a895c8556644d773821a341901144bb8152a21cd3022ed88910515761baaf1281284db937534863491655a51c909eea458051ce10e42b94a92a641b0a5c

Score

10^/10

redline 09.11 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

ced4db50a857760c1f68b6bf53026b63ef3611a7287aee75516963767e3413ae.exe

Resource

win10-en-20211104

redline 09.11 infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

09.11

C2

185.215.113.17:7700

Targets

- Target
  
  ced4db50a857760c1f68b6bf53026b63ef3611a7287aee75516963767e3413ae
- Size
  
  656KB
- MD5
  
  3809f4a381c0f6da1c9bcecf01c66684
- SHA1
  
  5c157fd28ba9fe3a0841beb8ed912e550a67ce89
- SHA256
  
  ced4db50a857760c1f68b6bf53026b63ef3611a7287aee75516963767e3413ae
- SHA512
  
  2bd22a895c8556644d773821a341901144bb8152a21cd3022ed88910515761baaf1281284db937534863491655a51c909eea458051ce10e42b94a92a641b0a5c
Score

10^/10

redline 09.11 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

redline09.11infostealer

© 2018-2024

Terms | Privacy