redline | d895d3572910814cbdde2f48c16ec3fb15a07b2238bb7ec2685f004b527f2cbb | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

d895d3572910814cbdde2f48c16ec3fb15a07b2238bb7ec2685f004b527f2cbb
Size

693KB
Sample

221006-lvrkvahcap
MD5

e740fd2f754a367412bc27005e6aaccb
SHA1

c60104438c97d9966fa698162c82d2d2b2550c0b
SHA256

d895d3572910814cbdde2f48c16ec3fb15a07b2238bb7ec2685f004b527f2cbb
SHA512

d48992867d7032c918fe63bab2141c748c3308becbecf0b07a77370d0f33b1fbca542647f7898ccdd179fd23e2f6a90bc50b2b6d5f2a31060650c7883e55f5d3
SSDEEP

12288:6S2QRXDD1yed0fsU4GSWaOvPESGj4s32xEdRCSTq:6S2Q9NXw2/wPOjdGxY

Score

10^/10

redline h infostealer

Static task

static1

Behavioral task

behavioral1

Sample

d895d3572910814cbdde2f48c16ec3fb15a07b2238bb7ec2685f004b527f2cbb.exe

Resource

win10v2004-20220812-en

redline h infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

h

C2

185.106.92.139:16578

Attributes

auth_value
d5aafe5ab67bae4a3f7cda3b2e30f9b7

Targets

- Target
  
  d895d3572910814cbdde2f48c16ec3fb15a07b2238bb7ec2685f004b527f2cbb
- Size
  
  693KB
- MD5
  
  e740fd2f754a367412bc27005e6aaccb
- SHA1
  
  c60104438c97d9966fa698162c82d2d2b2550c0b
- SHA256
  
  d895d3572910814cbdde2f48c16ec3fb15a07b2238bb7ec2685f004b527f2cbb
- SHA512
  
  d48992867d7032c918fe63bab2141c748c3308becbecf0b07a77370d0f33b1fbca542647f7898ccdd179fd23e2f6a90bc50b2b6d5f2a31060650c7883e55f5d3
- SSDEEP
  
  12288:6S2QRXDD1yed0fsU4GSWaOvPESGj4s32xEdRCSTq:6S2Q9NXw2/wPOjdGxY
Score

10^/10

redline h infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinehinfostealer

© 2018-2024

Terms | Privacy