redline | 2525a29d7709466ff6df427678dd119d4c031a1344d82218f8bb890b6c5368f6 | Triage

Sharing

General

Target

2525a29d7709466ff6df427678dd119d4c031a1344d82218f8bb890b6c5368f6.bin
Size

1.5MB
Sample

230506-zttkpsea74
MD5

be60ee130faeea5bb8b5dd7146bf1163
SHA1

4addbee09c1a762139aef5efd8541d945462ed78
SHA256

2525a29d7709466ff6df427678dd119d4c031a1344d82218f8bb890b6c5368f6
SHA512

75dfa717253fdcaf99eb5821c899c249c368a592dd4f0545aef40e55fc2548f7808e9572b9ef719f805b403f54cbeda788eb37f224915d8b17b6a43a251ca010
SSDEEP

24576:tysMJY4UgCofCDvSwgGYsftcwKkOQ6W83lm/ZHyvtV6kyuMml7NWXCiCaZ+J2KY:Is66rofCDvSgHmwFOQY1m0V5GQN2Ci5

Score

10^/10

redline most infostealer persistence stealer

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes

auth_value
7da4dfa153f2919e617aa016f7c36008

Targets

- Target
  
  2525a29d7709466ff6df427678dd119d4c031a1344d82218f8bb890b6c5368f6.bin
- Size
  
  1.5MB
- MD5
  
  be60ee130faeea5bb8b5dd7146bf1163
- SHA1
  
  4addbee09c1a762139aef5efd8541d945462ed78
- SHA256
  
  2525a29d7709466ff6df427678dd119d4c031a1344d82218f8bb890b6c5368f6
- SHA512
  
  75dfa717253fdcaf99eb5821c899c249c368a592dd4f0545aef40e55fc2548f7808e9572b9ef719f805b403f54cbeda788eb37f224915d8b17b6a43a251ca010
- SSDEEP
  
  24576:tysMJY4UgCofCDvSwgGYsftcwKkOQ6W83lm/ZHyvtV6kyuMml7NWXCiCaZ+J2KY:Is66rofCDvSgHmwFOQY1m0V5GQN2Ci5
Score

10^/10

redline most infostealer persistence stealer
- Detects Redline Stealer samples
  This rule detects the presence of Redline Stealer samples based on their unique strings.
  stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemostinfostealerpersistence

behavioral2

redlinemostinfostealerpersistencestealer