redline | 1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499 | Triage

Sharing

General

Target

1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
Size

379KB
Sample

220525-nlnhyaeacj
MD5

c5cd7a1ca416f2069374d6822a4eebc0
SHA1

5d4e54038d6fcef1efba3969a8f40fef3af6fee7
SHA256

1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
SHA512

580c937ff6e21714b9cf602204c3d0a275b4f44db1bc42af77fc0cd59a93bf253607860aff2959d28809c962fd70b70a81a7761ce6480b7218414ef88b54ae75

Score

10^/10

redline top discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

top

C2

185.215.113.75:81

Attributes

auth_value
ff6259bc2baf33b54b454aad484fb0ee

Targets

- Target
  
  1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
- Size
  
  379KB
- MD5
  
  c5cd7a1ca416f2069374d6822a4eebc0
- SHA1
  
  5d4e54038d6fcef1efba3969a8f40fef3af6fee7
- SHA256
  
  1c89ef56b6377d88737f9afaa344f0f729476691aefdefe556162b6673f93499
- SHA512
  
  580c937ff6e21714b9cf602204c3d0a275b4f44db1bc42af77fc0cd59a93bf253607860aff2959d28809c962fd70b70a81a7761ce6480b7218414ef88b54ae75
Score

10^/10

redline top discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinetopdiscoveryinfostealerspywarestealer