redline | a55b6b24fe0230a0cfb6479a20435c52cb3e7657bc1ecb729fd2222bac371d16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a55b6b24fe0230a0cfb6479a20435c52cb3e7657bc1ecb729fd2222bac371d16
Size

584KB
Sample

230605-y2kgbsaf42
MD5

c8ca9e1071762fbd54a4451877d3763d
SHA1

a5ec2dca7c1d7490230407d0a83b605a3b6ab2fc
SHA256

a55b6b24fe0230a0cfb6479a20435c52cb3e7657bc1ecb729fd2222bac371d16
SHA512

aaf011528e715403b6f6002b0323409ff72dddc981e75528831bbec2a62b59f244caf2244eb5eaddd9fef10b28fe42313aa72c169fcdd066b271afa3a274e898
SSDEEP

12288:XMrky90wlFco/Rm2elh6KntIkeAxJTG56e/n1MBgLX/3GKMHoXoLb:/yJx7elh6Ut1eQi6Kn+AX/GKEoX0b

Score

10^/10

redline diza evasion infostealer persistence trojan

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.126:19048

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Targets

- Target
  
  a55b6b24fe0230a0cfb6479a20435c52cb3e7657bc1ecb729fd2222bac371d16
- Size
  
  584KB
- MD5
  
  c8ca9e1071762fbd54a4451877d3763d
- SHA1
  
  a5ec2dca7c1d7490230407d0a83b605a3b6ab2fc
- SHA256
  
  a55b6b24fe0230a0cfb6479a20435c52cb3e7657bc1ecb729fd2222bac371d16
- SHA512
  
  aaf011528e715403b6f6002b0323409ff72dddc981e75528831bbec2a62b59f244caf2244eb5eaddd9fef10b28fe42313aa72c169fcdd066b271afa3a274e898
- SSDEEP
  
  12288:XMrky90wlFco/Rm2elh6KntIkeAxJTG56e/n1MBgLX/3GKMHoXoLb:/yJx7elh6Ut1eQi6Kn+AX/GKEoX0b
Score

10^/10

redline diza evasion infostealer persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedizaevasioninfostealerpersistencetrojan