Overview

overview

10

Static

static

9c89ef1523...a3.exe

windows7_x64

10

9c89ef1523...a3.exe

windows10-2004_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9c89ef1523fd37600bfcf62e13d093cbaf1fde49e10a17a974431f790047aaa3

  • Size

    289KB

  • Sample

    220215-jlh61acdd8

  • MD5

    ccd8ea2ab3d166bc28fb898e053798a7

  • SHA1

    377e8af55b37087cdf78256c693a9c6b14eb43e5

  • SHA256

    9c89ef1523fd37600bfcf62e13d093cbaf1fde49e10a17a974431f790047aaa3

  • SHA512

    7ccf5e5b41a8fc5fcb92d3c10ebbd4c23de4747ce3cfacc051c32784ceef307621c3945bbab6a850d01c31e7f6e7c101d0811824c2cdc4177c1201bca83e1734

Score
10/10
redline14infostealer

Malware Config

Extracted

Family

redline

Botnet

14

C2

136.144.41.178:9295

Attributes
  • auth_value

    b0e514592291815526e908c2e0d917b4

Targets

    • Target

      9c89ef1523fd37600bfcf62e13d093cbaf1fde49e10a17a974431f790047aaa3

    • Size

      289KB

    • MD5

      ccd8ea2ab3d166bc28fb898e053798a7

    • SHA1

      377e8af55b37087cdf78256c693a9c6b14eb43e5

    • SHA256

      9c89ef1523fd37600bfcf62e13d093cbaf1fde49e10a17a974431f790047aaa3

    • SHA512

      7ccf5e5b41a8fc5fcb92d3c10ebbd4c23de4747ce3cfacc051c32784ceef307621c3945bbab6a850d01c31e7f6e7c101d0811824c2cdc4177c1201bca83e1734

    Score
    10/10
    redline14infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks