redline | 15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7_x64

winprofile

windows10_x64

Sharing

General

Target

15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
Size

1.8MB
Sample

220504-158dnsegc3
MD5

5d2367e76275aa61b153bbe5c34e73e6
SHA1

6e3893ebe0e612bdf7923f83f97d7301f152cfa7
SHA256

15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
SHA512

c7b418d04c7b555af5bdbd66cdaea8d74a997b0a9e9dc662459ad6baf8b6ae3f1726c45c7b91b6f80c611c1d8f6e78b3e0c3d77f6a8325cc7e913862b16aa6f9

Score

10^/10

redline install infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7.exe

Resource

win7-20220414-en

redline install infostealer spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7.exe

Resource

win10-20220414-en

redline install infostealer spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

install

C2

78.47.98.158:35823

Attributes

auth_value
8eea77189c08cded7fd621fc5ec89caf

Targets

- Target
  
  15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
- Size
  
  1.8MB
- MD5
  
  5d2367e76275aa61b153bbe5c34e73e6
- SHA1
  
  6e3893ebe0e612bdf7923f83f97d7301f152cfa7
- SHA256
  
  15b38276f41126099be95a4890a701026de7dc08731930624517842d413632f7
- SHA512
  
  c7b418d04c7b555af5bdbd66cdaea8d74a997b0a9e9dc662459ad6baf8b6ae3f1726c45c7b91b6f80c611c1d8f6e78b3e0c3d77f6a8325cc7e913862b16aa6f9
Score

10^/10

redline install infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineinstallinfostealerspyware

behavioral2

redlineinstallinfostealerspyware

© 2018-2024

Terms | Privacy