redline | 933f9395d32b29c81cd5f3d447879cf422737aeff132f5712c5cd56144a8dc70 | Triage

Submit
Reports

Overview

overview

Static

static

1

933f9395d3...70.exe

windows10-2004-x64

Sharing

General

Target

933f9395d32b29c81cd5f3d447879cf422737aeff132f5712c5cd56144a8dc70
Size

588KB
Sample

230420-q3phnscb7x
MD5

c974267895ad22f05bc9f3079bfc6150
SHA1

e7ca397dc564039b8182f414627a27db524040f5
SHA256

933f9395d32b29c81cd5f3d447879cf422737aeff132f5712c5cd56144a8dc70
SHA512

a2863a864719eaa0063fc0d57919eb249039ca2e0499e0437bdb4424015ccf56a881e28c495179bfa115435ece33e44381f95d0483aeb62d896e8eb4e3efc38a
SSDEEP

12288:ExLaKwfCEgWtLkyEYP+PiZbnRtZdmYyG8CVr:EBaqEgaEpqZbR5mRLCV

Score

10^/10

redline lada infostealer

Static task

static1

Behavioral task

behavioral1

Sample

933f9395d32b29c81cd5f3d447879cf422737aeff132f5712c5cd56144a8dc70.exe

Resource

win10v2004-20230220-en

redline lada infostealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

lada

C2

185.161.248.90:4125

Attributes

auth_value
0b3678897547fedafe314eda5a2015ba

Targets

- Target
  
  933f9395d32b29c81cd5f3d447879cf422737aeff132f5712c5cd56144a8dc70
- Size
  
  588KB
- MD5
  
  c974267895ad22f05bc9f3079bfc6150
- SHA1
  
  e7ca397dc564039b8182f414627a27db524040f5
- SHA256
  
  933f9395d32b29c81cd5f3d447879cf422737aeff132f5712c5cd56144a8dc70
- SHA512
  
  a2863a864719eaa0063fc0d57919eb249039ca2e0499e0437bdb4424015ccf56a881e28c495179bfa115435ece33e44381f95d0483aeb62d896e8eb4e3efc38a
- SSDEEP
  
  12288:ExLaKwfCEgWtLkyEYP+PiZbnRtZdmYyG8CVr:EBaqEgaEpqZbR5mRLCV
Score

10^/10

redline lada infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineladainfostealer

© 2018-2024

Terms | Privacy