redline | hxxps://google[.]com | Triage

Submit
Reports

Overview

overview

Static

static

URLScan

urlscan

1

https://google.com

windows10-2004-x64

Resubmissions

10-01-2023 20:41

230110-zgh87she82 10

09-01-2023 13:23

230109-qmzcyahg5z 8

30-12-2022 04:52

221230-fhnqjafa36 7

29-12-2022 23:57

221229-3z3x4shg5y 8

29-12-2022 09:56

221229-lyp67afh7x 4

29-12-2022 09:28

221229-lfpspsfh5s 10

29-12-2022 04:18

221229-exfssscc88 1

29-12-2022 04:12

221229-esw9zsfd3z 8

18-12-2022 12:11

221218-pcmqqabh42 8

04-12-2022 12:48

221204-p157zaec6t 10

Sharing

General

Target

https://google.com
Sample

221204-p157zaec6t

Score

10^/10

redline milliondollarsssssssss infostealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://google.com

Resource

win10v2004-20220812-en

redline milliondollarsssssssss infostealer

windows10-2004-x64

19 signatures

1800 seconds

Malware Config

Extracted

Family

redline

Botnet

MILLIONDOLLARSSSSSSSSS

C2

195.201.122.190:45976

Attributes

auth_value
971e3b56584ce491575444038fafa07c

Targets

- Target
  
  https://google.com
Score

10^/10

redline milliondollarsssssssss infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Uses the VBS compiler for execution
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

urlscan1

behavioral1

redlinemilliondollarsssssssssinfostealer

© 2018-2024

Terms | Privacy