redline | ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b | Triage

Sharing

General

Target

ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b
Size

347KB
Sample

220515-xv3tnafca8
MD5

086fba22ee6ad950cb980aa2452ed0de
SHA1

6e1ddacd78e52a5088608957339b589359e565b9
SHA256

ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b
SHA512

ceb00eec284644d7ce439d41109695df64d8009c3178ede3a19419fb630db9344d8d3df495d0d12dc48674083947baa991699bb4b411d2b924d1c2862640a7b1

Score

10^/10

redline 51 discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

51

C2

193.106.191.182:23196

Attributes

auth_value
21351f5b8358ade7446b0c10ec81735e

Targets

- Target
  
  ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b
- Size
  
  347KB
- MD5
  
  086fba22ee6ad950cb980aa2452ed0de
- SHA1
  
  6e1ddacd78e52a5088608957339b589359e565b9
- SHA256
  
  ef07387febb171883e5b15b03b220cb78691601716b7d2dc0cc5f1373b50d61b
- SHA512
  
  ceb00eec284644d7ce439d41109695df64d8009c3178ede3a19419fb630db9344d8d3df495d0d12dc48674083947baa991699bb4b411d2b924d1c2862640a7b1
Score

10^/10

redline 51 discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redline51discoveryinfostealerspywarestealer