redline | 719ce53ae8f59243cf658e0503344034fc34bb55c93c0b274aebcc1e2a04ea31 | Triage

Sharing

General

Target

719ce53ae8f59243cf658e0503344034fc34bb55c93c0b274aebcc1e2a04ea31
Size

514KB
Sample

231012-epy96sfh67
MD5

11f045680800970ca3dd16dfb37e5f1d
SHA1

4b9969886c5d4e371004f4bbc3d183d5c28c7699
SHA256

719ce53ae8f59243cf658e0503344034fc34bb55c93c0b274aebcc1e2a04ea31
SHA512

942f921448aa6a29565b2350293e886a624ab878930fe96f456daf95801a4087f8193b145144d74d57e08a33f2e71009ffb99da649044746c180b7eb38452b1e
SSDEEP

12288:WMrOy90TJJ204VJ5otYhixnw6O8EbJ27um8tMeiOce+q:MyKJ2fX6Og+6ODbJs58tRisJ

Score

10^/10

redline trush infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

trush

C2

77.91.124.82:19071

Attributes

auth_value
c13814867cde8193679cd0cad2d774be

Targets

- Target
  
  719ce53ae8f59243cf658e0503344034fc34bb55c93c0b274aebcc1e2a04ea31
- Size
  
  514KB
- MD5
  
  11f045680800970ca3dd16dfb37e5f1d
- SHA1
  
  4b9969886c5d4e371004f4bbc3d183d5c28c7699
- SHA256
  
  719ce53ae8f59243cf658e0503344034fc34bb55c93c0b274aebcc1e2a04ea31
- SHA512
  
  942f921448aa6a29565b2350293e886a624ab878930fe96f456daf95801a4087f8193b145144d74d57e08a33f2e71009ffb99da649044746c180b7eb38452b1e
- SSDEEP
  
  12288:WMrOy90TJJ204VJ5otYhixnw6O8EbJ27um8tMeiOce+q:MyKJ2fX6Og+6ODbJs58tRisJ
Score

10^/10

redline trush infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinetrushinfostealerpersistence

behavioral2