redline | 8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a | Triage

Sharing

General

Target

8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
Size

386KB
Sample

220601-1dyedsfcan
MD5

f460fa95edf4b247c957aa246825948a
SHA1

fd3f666b9385e447d9f5885bdce01cb62034cb03
SHA256

8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
SHA512

d968470c301ef4ffcf0bf2c260bb92a08eac57728612d21d89a4add14a697710a87ebfc163a19171b18f2922ba829660ee2a402099c3a3331fc99d6483dfa195

Score

10^/10

redline mx discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

mx

C2

193.106.191.222:23196

Attributes

auth_value
8cfa634189948115f1f5e1900e4b66b6

Targets

- Target
  
  8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
- Size
  
  386KB
- MD5
  
  f460fa95edf4b247c957aa246825948a
- SHA1
  
  fd3f666b9385e447d9f5885bdce01cb62034cb03
- SHA256
  
  8412cbe94182692e68eb7aa62c5b0eb7f550a44438f89699a97969779c12ef3a
- SHA512
  
  d968470c301ef4ffcf0bf2c260bb92a08eac57728612d21d89a4add14a697710a87ebfc163a19171b18f2922ba829660ee2a402099c3a3331fc99d6483dfa195
Score

10^/10

redline mx discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinemxdiscoveryinfostealerspywarestealer