redline | 4268a707cdc42b0b2543831ff435c280efbab5dc7424bb519bc9a1f3ffaca9a0 | Triage

Sharing

General

Target

4268a707cdc42b0b2543831ff435c280efbab5dc7424bb519bc9a1f3ffaca9a0
Size

217KB
Sample

221123-gh8w5sgc6x
MD5

3ee2d2c044853c61e077deca7aaf46f8
SHA1

7c4eb1cfc50d8084bc4d4247e6d5b442f4b0dae1
SHA256

4268a707cdc42b0b2543831ff435c280efbab5dc7424bb519bc9a1f3ffaca9a0
SHA512

c0a11a8029938e1813cf4dc17b8024606e69049f33d0958ef25235ee68d67cc46b7b700091a41b4573eb8b7114694576aad804e9104565154a5e7c0330ddf788
SSDEEP

3072:JE4v790Lox+J4ETyre2xRc0jqr76OlnA9DMpYU4KZe8JbJ3Yl6PR+cpY8jwVS:JnvZ0Loqwe2xrjq6O4MJ4bM5Y4+cE

Score

10^/10

redline @madboyza infostealer spyware

Malware Config

Extracted

Family

redline

Botnet

@madboyza

C2

193.106.191.138:32796

Attributes

auth_value
9bfce7bfb110f8f53d96c7a32c655358

Targets

- Target
  
  4268a707cdc42b0b2543831ff435c280efbab5dc7424bb519bc9a1f3ffaca9a0
- Size
  
  217KB
- MD5
  
  3ee2d2c044853c61e077deca7aaf46f8
- SHA1
  
  7c4eb1cfc50d8084bc4d4247e6d5b442f4b0dae1
- SHA256
  
  4268a707cdc42b0b2543831ff435c280efbab5dc7424bb519bc9a1f3ffaca9a0
- SHA512
  
  c0a11a8029938e1813cf4dc17b8024606e69049f33d0958ef25235ee68d67cc46b7b700091a41b4573eb8b7114694576aad804e9104565154a5e7c0330ddf788
- SSDEEP
  
  3072:JE4v790Lox+J4ETyre2xRc0jqr76OlnA9DMpYU4KZe8JbJ3Yl6PR+cpY8jwVS:JnvZ0Loqwe2xrjq6O4MJ4bM5Y4+cE
Score

10^/10

redline @madboyza infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@madboyzainfostealerspyware