redline | 6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7_x64

winprofile

windows10_x64

Sharing

General

Target

6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944
Size

1.6MB
Sample

220706-17tcjacaa7
MD5

08368d481bb00407dd744349ce9653a7
SHA1

cf1210eca1029d0eb9f9fb792619ad57bbdb0180
SHA256

6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944
SHA512

51971b4d8887a0391f6256c85051665a3ae7dd944c7bc4485959b36498f8e3f2ac401eccd2954f6a20b3ffb827406d554499b28a64f525fa7324dd65f9dd5e77

Score

10^/10

redline subzero infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944.exe

Resource

win7-20220414-en

redline subzero infostealer spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944.exe

Resource

win10-20220414-en

redline subzero infostealer spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

SUBZERO

C2

185.215.113.217:19618

Attributes

auth_value
019ff2a82025cde517e4466362191205

Targets

- Target
  
  6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944
- Size
  
  1.6MB
- MD5
  
  08368d481bb00407dd744349ce9653a7
- SHA1
  
  cf1210eca1029d0eb9f9fb792619ad57bbdb0180
- SHA256
  
  6f47a63c27a7b43f0e02519f48775a6c4ea7ecaa3100a9aced76818886551944
- SHA512
  
  51971b4d8887a0391f6256c85051665a3ae7dd944c7bc4485959b36498f8e3f2ac401eccd2954f6a20b3ffb827406d554499b28a64f525fa7324dd65f9dd5e77
Score

10^/10

redline subzero infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinesubzeroinfostealerspyware

behavioral2

redlinesubzeroinfostealerspyware

© 2018-2024

Terms | Privacy