redline | e88c0fce057fa8b8ede91c4a7dad3d1ac44d778ee07c53867d0a43c27b80b456 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

e88c0fce057fa8b8ede91c4a7dad3d1ac44d778ee07c53867d0a43c27b80b456
Size

25KB
Sample

220702-c27qzaebf8
MD5

6834926c30fd22ac84c7644f591368fe
SHA1

1604ee348152008cbf7559b477139557531ce141
SHA256

e88c0fce057fa8b8ede91c4a7dad3d1ac44d778ee07c53867d0a43c27b80b456
SHA512

16309e049e62b7fda55e64821e3b7164b88a9405a7edca12f9e97ca8afba22c63fb7e7e130ce5a3aee95b67bc466a105b26a64f202c595f17e3d0080c6e7a035

Score

10^/10

redline build infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

e88c0fce057fa8b8ede91c4a7dad3d1ac44d778ee07c53867d0a43c27b80b456.exe

Resource

win10v2004-20220414-en

redline build infostealer spyware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

build

C2

172.93.213.137:7525

Targets

- Target
  
  e88c0fce057fa8b8ede91c4a7dad3d1ac44d778ee07c53867d0a43c27b80b456
- Size
  
  25KB
- MD5
  
  6834926c30fd22ac84c7644f591368fe
- SHA1
  
  1604ee348152008cbf7559b477139557531ce141
- SHA256
  
  e88c0fce057fa8b8ede91c4a7dad3d1ac44d778ee07c53867d0a43c27b80b456
- SHA512
  
  16309e049e62b7fda55e64821e3b7164b88a9405a7edca12f9e97ca8afba22c63fb7e7e130ce5a3aee95b67bc466a105b26a64f202c595f17e3d0080c6e7a035
Score

10^/10

redline build infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinebuildinfostealerspyware

© 2018-2024

Terms | Privacy