redline | 022d8b11f95a12717f2fe314c31a160a2b15ae34c46c2304d3bee9ded06a9bf0 | Triage

Sharing

General

Target

022d8b11f95a12717f2fe314c31a160a2b15ae34c46c2304d3bee9ded06a9bf0.bin
Size

1.5MB
Sample

230506-yygw2aaf92
MD5

5c6ff84b6aaa70fa8f80a40538e19155
SHA1

fde346f965f07a771ffa8dba352435d3ca39e08c
SHA256

022d8b11f95a12717f2fe314c31a160a2b15ae34c46c2304d3bee9ded06a9bf0
SHA512

37fd807a8f640a889890ea24c6f40049ea20aa23a68d52f7d33a841320b33c1b31417ff0c4f0fd17a1b8d69f3579b64154b7e489124201a54e4cee87704ddef2
SSDEEP

24576:UyVpEulHX09LOPFbQgjEsAM4arTsvNcumTUfA83fLVqrPILoo7eA9gjnunMCbP:jBl309CPF8gj8fans5Qgj3pEw8rg

Score

10^/10

redline most infostealer persistence stealer

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes

auth_value
7da4dfa153f2919e617aa016f7c36008

Targets

- Target
  
  022d8b11f95a12717f2fe314c31a160a2b15ae34c46c2304d3bee9ded06a9bf0.bin
- Size
  
  1.5MB
- MD5
  
  5c6ff84b6aaa70fa8f80a40538e19155
- SHA1
  
  fde346f965f07a771ffa8dba352435d3ca39e08c
- SHA256
  
  022d8b11f95a12717f2fe314c31a160a2b15ae34c46c2304d3bee9ded06a9bf0
- SHA512
  
  37fd807a8f640a889890ea24c6f40049ea20aa23a68d52f7d33a841320b33c1b31417ff0c4f0fd17a1b8d69f3579b64154b7e489124201a54e4cee87704ddef2
- SSDEEP
  
  24576:UyVpEulHX09LOPFbQgjEsAM4arTsvNcumTUfA83fLVqrPILoo7eA9gjnunMCbP:jBl309CPF8gj8fans5Qgj3pEw8rg
Score

10^/10

redline most infostealer persistence stealer
- Detects Redline Stealer samples
  This rule detects the presence of Redline Stealer samples based on their unique strings.
  stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemostinfostealerpersistence

behavioral2

redlinemostinfostealerpersistencestealer