redline | d291c112b418445454f57ff09996ddcbfed1a49cb04a8518c91ef2956e9dcde9 | Triage

Sharing

General

Target

d291c112b418445454f57ff09996ddcbfed1a49cb04a8518c91ef2956e9dcde9
Size

388KB
Sample

230622-ragsssga9y
MD5

853949ce19f6168baa5107acc913f80d
SHA1

f86619019c9df1351e210125fbbca5b63d190e9e
SHA256

d291c112b418445454f57ff09996ddcbfed1a49cb04a8518c91ef2956e9dcde9
SHA512

7d4a02d5b666c4137cadf0d7b83ec85fcb6c0835ecf5a5c670aec0463c65854852893b1eab16d4b86d3ecbbb6735b5a31fce8f20a4765a68da390aa92d7e9aa7
SSDEEP

12288:8PztKe0jWeeIOZfagmc0D57ABb0wTH1b/rbOxzrnb2OA8efJUZmM:+keeeV3A6M

Score

10^/10

redline furga discovery infostealer spyware stealer

Malware Config

Extracted

Family

redline

Botnet

furga

C2

83.97.73.128:19071

Attributes

auth_value
1b7af6db7a79a3475798fcf494818be7

Targets

- Target
  
  d291c112b418445454f57ff09996ddcbfed1a49cb04a8518c91ef2956e9dcde9
- Size
  
  388KB
- MD5
  
  853949ce19f6168baa5107acc913f80d
- SHA1
  
  f86619019c9df1351e210125fbbca5b63d190e9e
- SHA256
  
  d291c112b418445454f57ff09996ddcbfed1a49cb04a8518c91ef2956e9dcde9
- SHA512
  
  7d4a02d5b666c4137cadf0d7b83ec85fcb6c0835ecf5a5c670aec0463c65854852893b1eab16d4b86d3ecbbb6735b5a31fce8f20a4765a68da390aa92d7e9aa7
- SSDEEP
  
  12288:8PztKe0jWeeIOZfagmc0D57ABb0wTH1b/rbOxzrnb2OA8efJUZmM:+keeeV3A6M
Score

10^/10

redline furga discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinefurgadiscoveryinfostealerspywarestealer