redline | 40175fe8884f1e7565c71eb2a0f09e58c7ff082d8865f83f17f46fc4693b04bc | Triage

Sharing

General

Target

f9460380exeexeexeexeexeex.exe
Size

265KB
Sample

230711-txdqrshg57
MD5

ccb1fb5983d0d1092953531c7fc98bef
SHA1

d33fc1d5fb54441e0caafa9d0583016e6f213c7a
SHA256

40175fe8884f1e7565c71eb2a0f09e58c7ff082d8865f83f17f46fc4693b04bc
SHA512

715971cfba3b6e3c9951dfc5d6e08c485ceec6a2da924bc8b95eafa1fc2f52cf31ddd69f8ef014273b1bbaa9008c8e21e7fc6049f1be1dd153f726c7b6644b91
SSDEEP

6144:8OlVrmzXcaFV4uYzXTVfR5HE+aX+iexf2EtQuk2K6mVnMg0UTDa:8OXmoaFGuYzXTiXGxf2EtQuk2K6mVnM8

Score

10^/10

redline furod infostealer

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes

auth_value
d2386245fe11799b28b4521492a5879d

Targets

- Target
  
  f9460380exeexeexeexeexeex.exe
- Size
  
  265KB
- MD5
  
  ccb1fb5983d0d1092953531c7fc98bef
- SHA1
  
  d33fc1d5fb54441e0caafa9d0583016e6f213c7a
- SHA256
  
  40175fe8884f1e7565c71eb2a0f09e58c7ff082d8865f83f17f46fc4693b04bc
- SHA512
  
  715971cfba3b6e3c9951dfc5d6e08c485ceec6a2da924bc8b95eafa1fc2f52cf31ddd69f8ef014273b1bbaa9008c8e21e7fc6049f1be1dd153f726c7b6644b91
- SSDEEP
  
  6144:8OlVrmzXcaFV4uYzXTVfR5HE+aX+iexf2EtQuk2K6mVnMg0UTDa:8OXmoaFGuYzXTiXGxf2EtQuk2K6mVnM8
Score

10^/10

redline furod infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefurodinfostealer

behavioral2

redlinefurodinfostealer