redline | 7492380e2ce0aa0eb48e74fbea75227057fdc264a6540327cdb1689c5d49f18c | Triage

Sharing

General

Target

a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd.zip
Size

130KB
Sample

230328-nsa67aag28
MD5

37ff982cab67e09853fed83193320549
SHA1

f472d9a2b4f039cc6240cff9332aa26ab8d7bc0c
SHA256

7492380e2ce0aa0eb48e74fbea75227057fdc264a6540327cdb1689c5d49f18c
SHA512

4ef76098b5d447122427e465c0d29975bd335220bb38dd8273ecf3cfa5e3aa4a438b71f7190eca4fbd0c170ae48a252c2746cd28df6912cf4a47b581fdb3d74f
SSDEEP

3072:2orhzoS8Md/vvc3O5Vh7tsEgrXKIaFOnrkWbum/b9n3YvYFlDOBJS:2oVzYMdU4VvVIegcm/blYvcmJS

Score

10^/10

redline amazon infostealer

Malware Config

Extracted

Family

redline

Botnet

amazon

C2

185.156.72.48:26464

Attributes

auth_value
9132ba0b711dcd3607fc18072ecd46ef

Targets

- Target
  
  a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd
- Size
  
  337KB
- MD5
  
  683e329bc5b4fa71056f9ce6de0b50f9
- SHA1
  
  cfd1bc6574b112cbb4e5e572242b7fb341f7459c
- SHA256
  
  a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd
- SHA512
  
  19aafd110f267ade2c7ca8f872f1e4e27a398ab821937f241c6fb80d2f1e68bbb6ff2a67eeedd63e90f754f2bad37ebd967f4060ba16fd52c75a383f9505b478
- SSDEEP
  
  6144:HRY/IwBjjd6Mn2rm2X1Nl2eQ5iHCGcgTjRjI36fQWfva3RJB4i6R0wjnH:OR6gwAgHCGcgTjRjI36fQWfva3RJB4ia
Score

10^/10

redline amazon infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineamazoninfostealer

behavioral2

redlineamazoninfostealer