redline | 27d355414843c733ab544b22f0b47b91a44d811d773ac5e93936fb4890ca020d | Triage

Sharing

General

Target

27d355414843c733ab544b22f0b47b91a44d811d773ac5e93936fb4890ca020d
Size

306KB
Sample

240424-stkjgacd44
MD5

12b6d7ac92d3766d238212b9b2e41a23
SHA1

aae8ddffd81c9d7b663dbe4e4d6c4efc5a749b68
SHA256

27d355414843c733ab544b22f0b47b91a44d811d773ac5e93936fb4890ca020d
SHA512

f37af19ed10eb18a5c6d1dbbd6f446b3383e06be2bba0ffaf766546473148ff5b8a06c1c2cd3e3d269d7c4045e84fe50d6575efb64104ef361b9526ce15c9b7e
SSDEEP

6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

Score

10^/10

redline spoo infostealer

Malware Config

Extracted

Family

redline

Botnet

spoo

C2

103.113.70.99:2630

Targets

- Target
  
  27d355414843c733ab544b22f0b47b91a44d811d773ac5e93936fb4890ca020d
- Size
  
  306KB
- MD5
  
  12b6d7ac92d3766d238212b9b2e41a23
- SHA1
  
  aae8ddffd81c9d7b663dbe4e4d6c4efc5a749b68
- SHA256
  
  27d355414843c733ab544b22f0b47b91a44d811d773ac5e93936fb4890ca020d
- SHA512
  
  f37af19ed10eb18a5c6d1dbbd6f446b3383e06be2bba0ffaf766546473148ff5b8a06c1c2cd3e3d269d7c4045e84fe50d6575efb64104ef361b9526ce15c9b7e
- SSDEEP
  
  6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Score

10^/10

redline spoo infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinespooinfostealer

behavioral2

redlinespooinfostealer