redline | d59649332816fca2c74de3d04445fcc521e6d3c26d7b9b753c6a3ad98146d1b6 | Triage

Sharing

General

Target

d59649332816fca2c74de3d04445fcc521e6d3c26d7b9b753c6a3ad98146d1b6.exe
Size

304KB
Sample

240425-cgxp9sde5x
MD5

2952ba58fb0bf15850c0478fcd75e236
SHA1

3e07dc899850a7d69cbfbf8c04f72ccaa2408939
SHA256

d59649332816fca2c74de3d04445fcc521e6d3c26d7b9b753c6a3ad98146d1b6
SHA512

80553685703571baf00c735e5fdf4ed2caf0fd9b74ecd71aa1a819ad82a2cb899daeb4806b27068c4a92318fd8d3431510a36f8180d9621bf15d66e62c8ce5c8
SSDEEP

6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/

Score

10^/10

redline spoo infostealer

Malware Config

Extracted

Family

redline

Botnet

spoo

C2

103.113.70.99:2630

Targets

- Target
  
  d59649332816fca2c74de3d04445fcc521e6d3c26d7b9b753c6a3ad98146d1b6.exe
- Size
  
  304KB
- MD5
  
  2952ba58fb0bf15850c0478fcd75e236
- SHA1
  
  3e07dc899850a7d69cbfbf8c04f72ccaa2408939
- SHA256
  
  d59649332816fca2c74de3d04445fcc521e6d3c26d7b9b753c6a3ad98146d1b6
- SHA512
  
  80553685703571baf00c735e5fdf4ed2caf0fd9b74ecd71aa1a819ad82a2cb899daeb4806b27068c4a92318fd8d3431510a36f8180d9621bf15d66e62c8ce5c8
- SSDEEP
  
  6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Score

10^/10

redline spoo infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

redlinespooinfostealer

behavioral2

redlinespooinfostealer