redline | eadc5bcbdc7420171068f39005513da66cdf4d15c82a2137165a14beef4e5269 | Triage

Sharing

General

Target

Adobe Premiere Pro Crack.zip
Size

5.1MB
Sample

230613-1evpwsbh95
MD5

1eac10f81d40e42bb74922c104ffddfc
SHA1

4e2858d62d254163dcfdbe09ac8819425997f613
SHA256

eadc5bcbdc7420171068f39005513da66cdf4d15c82a2137165a14beef4e5269
SHA512

8560b48fc140fd0186290bc8de6bc49368e7e4ee2dae5264864e0fdc686bcf5ce52affd8a47c0af1206f3e7348e4fad67b428971842475b440dbe635438dcadb
SSDEEP

98304:qE3k9M1CbVXc4lErkE9uFE9EStAJvRWqSd0VK9lQH0Kea65MUA/tGwPU8w:f3v8s4lEYEt9iFSd0VGFatYwP1w

Score

10^/10

redline @aboba255 infostealer spyware

Malware Config

Extracted

Family

redline

Botnet

@aboba255

C2

94.142.138.4:80

Attributes

auth_value
6487f4e00b6ec53f5fc436622f366458

Targets

- Target
  
  Adobe Premiere Pro Crack/Adobe Premiere Pro Crack/Set-up.exe
- Size
  
  1021.2MB
- MD5
  
  8a770217cde0fd2d05a08d33aefba9a7
- SHA1
  
  c447d9548b54690f37c913744370c859fbd719be
- SHA256
  
  ae2975696c0b6f6f1009a0cfe612f5ecd974f13967283b3b2ab87706e325ec7a
- SHA512
  
  f6324528463d4af968416fed82c16f15ae27f18ab78c32844472eac78bb5fb4de13f3ef576cd84433d549186956c23923a4b8690d8de0e6fe433a04ac834bc99
- SSDEEP
  
  24576:9uSFnrkjIe3pOFlScySTf0kvGTdsCww2d+aSFC1qhBnEsT+ddem5nzU0l:r9kx3CPyEfdvGTfwwZhFRBTpOzU0
Score

10^/10

redline @aboba255 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Adobe Premiere Pro Crack/Adobe Premiere Pro Crack/Setup.dll
- Size
  
  557KB
- MD5
  
  0fd7ea74edfaa42be55648605f527cbd
- SHA1
  
  83e8a74436a3701664f13accbc445c698b7ce52a
- SHA256
  
  8be532fc253154d92a193a1fe7cfc37ae82639c3d6845b0405b78324124f3a6a
- SHA512
  
  44ae57beb38bd1d547c121c46f17b2b16cf253f10cbe99926c10ebf7cc9a1bb4190a9ab878247aa998aecf1248237f120695d46859f59186aaff2cb12b0d4db5
- SSDEEP
  
  6144:KiY7sT+MrlYkiY7sT+MrlYkiY7sT+MrlYkiY7sT+MrlYkiY7sT+MrlYU0S83FJ4D:KZo7VZo7VZo7VZo7VZo750H2JIs
Score

1^/10
behavioral3 behavioral4
- Target
  
  Adobe Premiere Pro Crack/Adobe Premiere Pro Crack/libGLESv2.dll
- Size
  
  1.4MB
- MD5
  
  8306600f6c59fca3a7f1b6051a70a34c
- SHA1
  
  9d2fd76fd7ef118ea96bc26ae0c03c428d91e34e
- SHA256
  
  cd9ffd828af9e4ccad1cdab755d9393174857b071a997548d9e3c4f20999320e
- SHA512
  
  414bcfe0de34a2ce51940ad8220627e74abb09a2d5250c60a161625e780540a0bf204583e0638546bed25c6372c8c8a053b6c6e31959d4f581c8802762e1380d
- SSDEEP
  
  12288:BoZo7VZo7VZo7VZo7VZo7VZo7VZo7VZo7VZo7VZo7VZo7VZo7iZo7Xo7VZo7VZov:Z
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@aboba255infostealerspyware

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6