redline | 22932ac12c61f7ade37d16a82ad02d08259263020f4a465d15f2830fa03df12b | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

217KB
Sample

221123-ntfhascg4z
MD5

994582a9698bff38051a6ecb1522c30b
SHA1

79bdca7a44e56665a11c71c34b334321a39e16cd
SHA256

22932ac12c61f7ade37d16a82ad02d08259263020f4a465d15f2830fa03df12b
SHA512

290c4046453cb242ca57c24e739557f3d683511bcb1aa59398b04d1372e85f402bc2527542665355459692bc78664441d4f0a3d816cc349dfad9f427e765e4a3
SSDEEP

3072:LT4vq60E/oW+24ETyre2xRc0jqr76OlnA9DMpYU4KZe8JbJ3Yl6PR+cpY8jwGS:LMvr0E/oywe2xrjq6O4MJ4bM5Y4+cE

Score

10^/10

redline @madboyza infostealer

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

redline @madboyza infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

redline @madboyza infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@madboyza

C2

193.106.191.138:32796

Attributes

auth_value
9bfce7bfb110f8f53d96c7a32c655358

Targets

- Target
  
  file.exe
- Size
  
  217KB
- MD5
  
  994582a9698bff38051a6ecb1522c30b
- SHA1
  
  79bdca7a44e56665a11c71c34b334321a39e16cd
- SHA256
  
  22932ac12c61f7ade37d16a82ad02d08259263020f4a465d15f2830fa03df12b
- SHA512
  
  290c4046453cb242ca57c24e739557f3d683511bcb1aa59398b04d1372e85f402bc2527542665355459692bc78664441d4f0a3d816cc349dfad9f427e765e4a3
- SSDEEP
  
  3072:LT4vq60E/oW+24ETyre2xRc0jqr76OlnA9DMpYU4KZe8JbJ3Yl6PR+cpY8jwGS:LMvr0E/oywe2xrjq6O4MJ4bM5Y4+cE
Score

10^/10

redline @madboyza infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@madboyzainfostealer

behavioral2

redline@madboyzainfostealer

© 2018-2024

Terms | Privacy