redline

Resubmissions

23/03/2023, 17:02

230323-vkk5raha57 10

23/03/2023, 17:00

230323-vh1gnaha48 1

Sharing

Copy URL

Twitter E-mail

General

Target

https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbllaU1FSMnJWZnA0THJLYjhqdzJhZ1NSLVRPZ3xBQ3Jtc0tsQmVMcUllWVdtXzRiMUdDeGg4MXQxM0xaT2tWaHhGS29NUW1HOENndV9oSlduRDdTcHVWNDF2ZUNwMWRFQzJsMjBOaTJLTVNCZUEyOTdsal91dE9sdDlxU0Y2NFZ0MGRDb3BJN3FyVmgyakc0RDAxZw&q=https%3A%2F%2Ftelegra.ph%2FMega-Hack-V71-03-14&v=yUUSpUapcPc
Sample

230323-vkk5raha57

Score

10^/10

Malware Config

Extracted

Family

redline

Botnet

@FoticeAnalize

37.220.87.8:42823

Attributes

auth_value
5b94c26d41778465fc92ca97325b6cfb

Targets

- Target
  
  https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbllaU1FSMnJWZnA0THJLYjhqdzJhZ1NSLVRPZ3xBQ3Jtc0tsQmVMcUllWVdtXzRiMUdDeGg4MXQxM0xaT2tWaHhGS29NUW1HOENndV9oSlduRDdTcHVWNDF2ZUNwMWRFQzJsMjBOaTJLTVNCZUEyOTdsal91dE9sdDlxU0Y2NFZ0MGRDb3BJN3FyVmgyakc0RDAxZw&q=https%3A%2F%2Ftelegra.ph%2FMega-Hack-V71-03-14&v=yUUSpUapcPc
Score

10^/10

redline @foticeanalize infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

urlscan1

behavioral1