redline | 9cdecc74f98b1e58cf5dbf031af632854de13ae80226c462f18517bf1774d841 | Triage

Sharing

General

Target

1352-57-0x000000000E840000-0x000000000E878000-memory.dmp
Size

224KB
Sample

221209-1p1c5ahc8t
MD5

115e96a6f7f7ed611c47aeedc7fd91ca
SHA1

f48b802b4eb36836cb45aa5084307ba9a2ecab6b
SHA256

9cdecc74f98b1e58cf5dbf031af632854de13ae80226c462f18517bf1774d841
SHA512

a11a0d736ae62ca9100c68df033038cac0dff906ed5bca1c2534243c6dcafbfc95990e19660872efd170145904d526cd8c4c26cecf1a5c9a09d5f3e577f93e04
SSDEEP

3072:a6V+goBZUQMFACYAOXABQ6/q64IxqA4M9krzpiui:a6V+dUlXLOz

Score

10^/10

redline youtube discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

Youtube

C2

94.130.25.22:7996

Attributes

auth_value
6813bf51368103ee00321290e8b3d6d5

Targets

- Target
  
  1352-57-0x000000000E840000-0x000000000E878000-memory.dmp
- Size
  
  224KB
- MD5
  
  115e96a6f7f7ed611c47aeedc7fd91ca
- SHA1
  
  f48b802b4eb36836cb45aa5084307ba9a2ecab6b
- SHA256
  
  9cdecc74f98b1e58cf5dbf031af632854de13ae80226c462f18517bf1774d841
- SHA512
  
  a11a0d736ae62ca9100c68df033038cac0dff906ed5bca1c2534243c6dcafbfc95990e19660872efd170145904d526cd8c4c26cecf1a5c9a09d5f3e577f93e04
- SSDEEP
  
  3072:a6V+goBZUQMFACYAOXABQ6/q64IxqA4M9krzpiui:a6V+dUlXLOz
Score

10^/10

redline youtube discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineyoutubediscoveryinfostealerspywarestealer

behavioral2

redlineyoutubeinfostealerspywarestealer