redline | 9fb68da98114d9eb0e3b0a43fd0b0334925e9867a85278c94234af1d4d8f8900 | Triage

Sharing

General

Target

9fb68da98114d9eb0e3b0a43fd0b0334925e9867a85278c94234af1d4d8f8900
Size

387KB
Sample

230622-m9cwnsfd31
MD5

c414ad29f761d18029124a660ef3381e
SHA1

aadad0e6730a091414d24c0140a41d97d81ef4b6
SHA256

9fb68da98114d9eb0e3b0a43fd0b0334925e9867a85278c94234af1d4d8f8900
SHA512

66d20913491b558ed90a7220a2f9fff96140897cf1fe241f14db124f6580d3bc4b8138a703f902352bef9670a24d9d9950b381da97372f10cc1a4c7f1161c38f
SSDEEP

12288:0dztKe0jWeeIOVxOgmc0D57ABb0wTH1b/rbOxzrnb2OA8efJUZmM:UkeeeH3A6M

Score

10^/10

redline furga discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

furga

C2

83.97.73.128:19071

Attributes

auth_value
1b7af6db7a79a3475798fcf494818be7

Targets

- Target
  
  9fb68da98114d9eb0e3b0a43fd0b0334925e9867a85278c94234af1d4d8f8900
- Size
  
  387KB
- MD5
  
  c414ad29f761d18029124a660ef3381e
- SHA1
  
  aadad0e6730a091414d24c0140a41d97d81ef4b6
- SHA256
  
  9fb68da98114d9eb0e3b0a43fd0b0334925e9867a85278c94234af1d4d8f8900
- SHA512
  
  66d20913491b558ed90a7220a2f9fff96140897cf1fe241f14db124f6580d3bc4b8138a703f902352bef9670a24d9d9950b381da97372f10cc1a4c7f1161c38f
- SSDEEP
  
  12288:0dztKe0jWeeIOVxOgmc0D57ABb0wTH1b/rbOxzrnb2OA8efJUZmM:UkeeeH3A6M
Score

10^/10

redline furga discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefurgadiscoveryinfostealerspywarestealer