redline | 59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237
Size

465KB
Sample

220226-3haj8schbn
MD5

c71425e3cc3c2e52e15f6554d510e6a8
SHA1

136db115777778a0ecb9d459d3ace8c98542aafb
SHA256

59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237
SHA512

b0838277e82abe6e2df4cbf899d72c7faf92874800a6dd5fae4f9b6effa45543cbcd5cca934c351942ddfb52db3a0fc399199d7497faa079e8ed82ad77c536ba

Score

10^/10

redline yt infostealer

Static task

static1

Behavioral task

behavioral1

Sample

59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237.exe

Resource

win10v2004-en-20220113

redline yt infostealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

yt

C2

65.21.1.119:24371

Attributes

auth_value
a7960fdd4739462c8f9231095a524ac3

Targets

- Target
  
  59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237
- Size
  
  465KB
- MD5
  
  c71425e3cc3c2e52e15f6554d510e6a8
- SHA1
  
  136db115777778a0ecb9d459d3ace8c98542aafb
- SHA256
  
  59a8083391f2d47e161cf0caa51da1ea77898657941279135a3a66e10dfc1237
- SHA512
  
  b0838277e82abe6e2df4cbf899d72c7faf92874800a6dd5fae4f9b6effa45543cbcd5cca934c351942ddfb52db3a0fc399199d7497faa079e8ed82ad77c536ba
Score

10^/10

redline yt infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of NtCreateProcessExOtherParentProcess
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineytinfostealer

© 2018-2024

Terms | Privacy