redline | 083597c6d990c1c7e59da8612a2072a9e7e01a10f4c8fc569565241777ef5029 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

083597c6d990c1c7e59da8612a2072a9e7e01a10f4c8fc569565241777ef5029
Size

954KB
Sample

231011-1agmgaea7x
MD5

39dc08b0f43bf5446344aef849e1796f
SHA1

0403612818b2fa92d0ef66a0b82addfe841f6832
SHA256

083597c6d990c1c7e59da8612a2072a9e7e01a10f4c8fc569565241777ef5029
SHA512

c8fa9a940ed47becdafeb498e69c5375196e45338cb4f65d9b528b417a80a86f305394d4b8b41dd8b9cfaea084ee05090bfa0ec68cab52425bc841e61154a4fc
SSDEEP

12288:YMrhy90WRhjyxm2rF4l43sKTtZzabfJwE1BgOlMg7wlw7lZ9hXWDQa79XPbBedyE:Zyj90au3hdCwsmOl7war9hXva75PbxE

Score

10^/10

redline tuxiu infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

tuxiu

C2

77.91.124.82:19071

Attributes

auth_value
29610cdad07e7187eec70685a04b89fe

Targets

- Target
  
  083597c6d990c1c7e59da8612a2072a9e7e01a10f4c8fc569565241777ef5029
- Size
  
  954KB
- MD5
  
  39dc08b0f43bf5446344aef849e1796f
- SHA1
  
  0403612818b2fa92d0ef66a0b82addfe841f6832
- SHA256
  
  083597c6d990c1c7e59da8612a2072a9e7e01a10f4c8fc569565241777ef5029
- SHA512
  
  c8fa9a940ed47becdafeb498e69c5375196e45338cb4f65d9b528b417a80a86f305394d4b8b41dd8b9cfaea084ee05090bfa0ec68cab52425bc841e61154a4fc
- SSDEEP
  
  12288:YMrhy90WRhjyxm2rF4l43sKTtZzabfJwE1BgOlMg7wlw7lZ9hXWDQa79XPbBedyE:Zyj90au3hdCwsmOl7war9hXva75PbxE
Score

10^/10

persistence redline tuxiu infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

redlinetuxiuinfostealerpersistence