redline | d3a8158d46db1f8476fc7ebef93bd600fbda04bba4bdf9af280f8f9ed6ba1d62 | Triage

Submit
Reports

Overview

overview

Static

static

Redline.rar

windows10-1703-x64

Sharing

General

Target

Redline.rar
Size

14.6MB
Sample

230329-xz8kpshf24
MD5

319528db2efe3c3c70f2055c2124cde0
SHA1

65d0f7a4fadf37c31b36b3f7cc8a41aaa900a948
SHA256

d3a8158d46db1f8476fc7ebef93bd600fbda04bba4bdf9af280f8f9ed6ba1d62
SHA512

4d6934a174ea25e345ea1ab271fe2ba13212f09d67f8237077c66563aaefa5fe2f6cf8943871f320cd3c57f2d72e107a59df898b3c2c15d8428c9b15f56b69c2
SSDEEP

393216:PIqhkgQh8zMXpThNGO1o+F6vMSmR8+nVtck0j:gqARXhh1tF6vBmmjV

Score

10^/10

redline sectoprat cheat infostealer

Static task

static1

cheat redline sectoprat

4 signatures

Behavioral task

behavioral1

Sample

Redline.rar

Resource

win10-20230220-en

redline infostealer

windows10-1703-x64

16 signatures

1800 seconds

Malware Config

Extracted

Family

redline

Botnet

cheat

C2

141.255.156.206:35361

Targets

- Target
  
  Redline.rar
- Size
  
  14.6MB
- MD5
  
  319528db2efe3c3c70f2055c2124cde0
- SHA1
  
  65d0f7a4fadf37c31b36b3f7cc8a41aaa900a948
- SHA256
  
  d3a8158d46db1f8476fc7ebef93bd600fbda04bba4bdf9af280f8f9ed6ba1d62
- SHA512
  
  4d6934a174ea25e345ea1ab271fe2ba13212f09d67f8237077c66563aaefa5fe2f6cf8943871f320cd3c57f2d72e107a59df898b3c2c15d8428c9b15f56b69c2
- SSDEEP
  
  393216:PIqhkgQh8zMXpThNGO1o+F6vMSmR8+nVtck0j:gqARXhh1tF6vBmmjV
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

cheatredlinesectoprat

behavioral1

redlineinfostealer

© 2018-2024

Terms | Privacy