redline | 096e1f9fd0befd1800cf2640925d75edb00fb6b9e0a12cde0af671722f648aa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

096e1f9fd0befd1800cf2640925d75edb00fb6b9e0a12cde0af671722f648aa3
Size

267KB
Sample

230617-eylqfahh4v
MD5

66c1125d4fa55f7bdbb1d0dca296a66d
SHA1

1db21c23390b96fdbf3e89b3b3dc7364ad9a4509
SHA256

096e1f9fd0befd1800cf2640925d75edb00fb6b9e0a12cde0af671722f648aa3
SHA512

bb890270d3417982c4fce49921bd7bd2007ea802394e2b321d9dbf59b86164483be31d69dd2737c9b3ceaa4ef53e7d459f7a03d75e8d486f738bea648f53e062
SSDEEP

3072:DX5J6dZ4Xw0fryjk2gwILCUm2oIX2BFHEYrFvhbSllz1LkAx:sJ0sgwI7m29CLrvbSllzJ

Score

10^/10

redline grega discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

grega

C2

83.97.73.130:19061

Attributes

auth_value
16e2fbc2847b2270b3f0679e2dd76c8d

Targets

- Target
  
  096e1f9fd0befd1800cf2640925d75edb00fb6b9e0a12cde0af671722f648aa3
- Size
  
  267KB
- MD5
  
  66c1125d4fa55f7bdbb1d0dca296a66d
- SHA1
  
  1db21c23390b96fdbf3e89b3b3dc7364ad9a4509
- SHA256
  
  096e1f9fd0befd1800cf2640925d75edb00fb6b9e0a12cde0af671722f648aa3
- SHA512
  
  bb890270d3417982c4fce49921bd7bd2007ea802394e2b321d9dbf59b86164483be31d69dd2737c9b3ceaa4ef53e7d459f7a03d75e8d486f738bea648f53e062
- SSDEEP
  
  3072:DX5J6dZ4Xw0fryjk2gwILCUm2oIX2BFHEYrFvhbSllz1LkAx:sJ0sgwI7m29CLrvbSllzJ
Score

10^/10

redline grega discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinegregadiscoveryinfostealerspywarestealer