redline | e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f | Triage

Sharing

General

Target

e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f
Size

391KB
Sample

220525-ww3dvagbek
MD5

864ec1afdc65feb89684ea223a0b9918
SHA1

7849116ad092c0aac53e44e1c1998a0197f4da26
SHA256

e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f
SHA512

8bac0584de8fe07b268afaa1bf52a66e2cc9e47263eab080f02030bbf380f6be2f6dee7f14b38b17f938079e3a7229d93495f6382f2bcc56fd29921da3066dea

Score

10^/10

redline top discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

top

C2

185.215.113.75:81

Attributes

auth_value
ff6259bc2baf33b54b454aad484fb0ee

Targets

- Target
  
  e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f
- Size
  
  391KB
- MD5
  
  864ec1afdc65feb89684ea223a0b9918
- SHA1
  
  7849116ad092c0aac53e44e1c1998a0197f4da26
- SHA256
  
  e05d9e7b6585e495ecbee84b4ad65e4dfcc812bd3e2a9d5c8d9dfb29472bcd4f
- SHA512
  
  8bac0584de8fe07b268afaa1bf52a66e2cc9e47263eab080f02030bbf380f6be2f6dee7f14b38b17f938079e3a7229d93495f6382f2bcc56fd29921da3066dea
Score

10^/10

redline top discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinetopdiscoveryinfostealerspywarestealer