redline | 47df9dc781ba4838ad11774352720e56ad0b37031f8f4fdc5e2ed46892a208c4 | Triage

Sharing

General

Target

47df9dc781ba4838ad11774352720e56ad0b37031f8f4fdc5e2ed46892a208c4
Size

298KB
Sample

220215-q23c5sgggk
MD5

d6e5d931d11712513da27579529eaf84
SHA1

ada264bd0a1faddc48308bfef83d6452b63f1285
SHA256

47df9dc781ba4838ad11774352720e56ad0b37031f8f4fdc5e2ed46892a208c4
SHA512

568678062cfab25ff9aa61dc86172d45dbca147675b39fac462a88b2e1b80a29ec24a12f45750f8a2727f4a9bc7e6a59a095671714fc5e0d3b83ceb4520d6c9f

Score

10^/10

redline 13 infostealer

Malware Config

Extracted

Family

redline

Botnet

13

C2

136.144.41.178:9295

Attributes

auth_value
1c6e2eeed511298e27022664eb32b903

Targets

- Target
  
  47df9dc781ba4838ad11774352720e56ad0b37031f8f4fdc5e2ed46892a208c4
- Size
  
  298KB
- MD5
  
  d6e5d931d11712513da27579529eaf84
- SHA1
  
  ada264bd0a1faddc48308bfef83d6452b63f1285
- SHA256
  
  47df9dc781ba4838ad11774352720e56ad0b37031f8f4fdc5e2ed46892a208c4
- SHA512
  
  568678062cfab25ff9aa61dc86172d45dbca147675b39fac462a88b2e1b80a29ec24a12f45750f8a2727f4a9bc7e6a59a095671714fc5e0d3b83ceb4520d6c9f
Score

10^/10

redline 13 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redline13infostealer

behavioral2