redline | 15b31a3a4ab58991a4e7c7e2cc49fdec1002ea907effb2402b949263dcf0a0bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15b31a3a4ab58991a4e7c7e2cc49fdec1002ea907effb2402b949263dcf0a0bd
Size

261KB
Sample

230320-bgflbaba35
MD5

3db6d94b8df4916aa7cb0d67f2bba3f6
SHA1

b27b508ce16462268b6a96a727007755fe62c8a1
SHA256

15b31a3a4ab58991a4e7c7e2cc49fdec1002ea907effb2402b949263dcf0a0bd
SHA512

47495567ab11743ec6e16ca61f86904a27383c6feb6c6d45015215679549a7137ca007164bc8ed9e5aa6a26006433327600679c4803ebb98d4c980e92dd0c1d4
SSDEEP

3072:UvmEID31U40ByUrwJ9Cfo25a1Ts0f1BiAHon3aLOoPTrXkVmPvFPtoHwKqZJxIxB:4m5lUF1wJ9CfoR1TsC1NwQ/emXFiHwKn

Score

10^/10

redline rocket infostealer spyware

Malware Config

Extracted

Family

redline

Botnet

Rocket

C2

95.217.188.21:7283

Attributes

auth_value
0095203c91b01efccf3842dc176e53f2

Targets

- Target
  
  15b31a3a4ab58991a4e7c7e2cc49fdec1002ea907effb2402b949263dcf0a0bd
- Size
  
  261KB
- MD5
  
  3db6d94b8df4916aa7cb0d67f2bba3f6
- SHA1
  
  b27b508ce16462268b6a96a727007755fe62c8a1
- SHA256
  
  15b31a3a4ab58991a4e7c7e2cc49fdec1002ea907effb2402b949263dcf0a0bd
- SHA512
  
  47495567ab11743ec6e16ca61f86904a27383c6feb6c6d45015215679549a7137ca007164bc8ed9e5aa6a26006433327600679c4803ebb98d4c980e92dd0c1d4
- SSDEEP
  
  3072:UvmEID31U40ByUrwJ9Cfo25a1Ts0f1BiAHon3aLOoPTrXkVmPvFPtoHwKqZJxIxB:4m5lUF1wJ9CfoR1TsC1NwQ/emXFiHwKn
Score

10^/10

redline rocket infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinerocketinfostealerspyware

behavioral2

redlinerocketinfostealerspyware