Description
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
General
Target
Size
Sample
bbf6333049734115878e6b4be657504e87aa290da228477175963edfdb3a3051
482KB
220326-kf9bnsaeg4
Score
10/10
MD5
SHA1
SHA256
SHA512
36a1cc43403a58fd1e704fa35a7e4de6
b7bcc8e43ab11bdcfae71d91acbd1895e058aea1
bbf6333049734115878e6b4be657504e87aa290da228477175963edfdb3a3051
20c289d5660729bc42db81426075a17379407637f2ea1c81411249a3213d40b8ae38bd9f0f5a85ca62af6bab060b047931af4433b5febc60ba559dd9bc98c5e6
Malware Config
Extracted
| Family | redline |
| Botnet | 1 |
| C2 |
45.14.49.66:35200 |
Targets
Target
MD5
Filesize
bbf6333049734115878e6b4be657504e87aa290da228477175963edfdb3a3051
36a1cc43403a58fd1e704fa35a7e4de6
482KB
Score
10/10
SHA1
SHA256
SHA512
b7bcc8e43ab11bdcfae71d91acbd1895e058aea1
bbf6333049734115878e6b4be657504e87aa290da228477175963edfdb3a3051
20c289d5660729bc42db81426075a17379407637f2ea1c81411249a3213d40b8ae38bd9f0f5a85ca62af6bab060b047931af4433b5febc60ba559dd9bc98c5e6
Tags
Signatures
-
RedLine
-
RedLine Payload
-
Suspicious use of SetThreadContext
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks
static1
Score
N/A
behavioral1
Score
10/10
behavioral2
Score
10/10