redline | 87f1d99d4e547ee5bd94b94ef3881ca8e5d73d67cc282100c2c379563c57cb79 | Triage

Sharing

General

Target

87f1d99d4e547ee5bd94b94ef3881ca8e5d73d67cc282100c2c379563c57cb79
Size

753KB
Sample

241106-qdvndszlgw
MD5

d046988a63ccf6b3c4860b1710ae1cd3
SHA1

0c72a1967602398435178b094c948df2280ff9c5
SHA256

87f1d99d4e547ee5bd94b94ef3881ca8e5d73d67cc282100c2c379563c57cb79
SHA512

1bac09b5f92159f7d6350d38957d668e339a420df0524cf71b5d8ca016b2305ab288781dcf3f88506a3feeaac9f28385f2308db3362cc2ec9c71508025fb9ecc
SSDEEP

12288:qMr1y90v166/uOrGpjwlauj6PDri9cMJJq1NP1WfT+WWmbuv/hbamDv1D9iC/w:/yodruh86r29cMqB1AiWWmitlcsw

Score

10^/10

redline diza discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.127:19045

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Targets

- Target
  
  87f1d99d4e547ee5bd94b94ef3881ca8e5d73d67cc282100c2c379563c57cb79
- Size
  
  753KB
- MD5
  
  d046988a63ccf6b3c4860b1710ae1cd3
- SHA1
  
  0c72a1967602398435178b094c948df2280ff9c5
- SHA256
  
  87f1d99d4e547ee5bd94b94ef3881ca8e5d73d67cc282100c2c379563c57cb79
- SHA512
  
  1bac09b5f92159f7d6350d38957d668e339a420df0524cf71b5d8ca016b2305ab288781dcf3f88506a3feeaac9f28385f2308db3362cc2ec9c71508025fb9ecc
- SSDEEP
  
  12288:qMr1y90v166/uOrGpjwlauj6PDri9cMJJq1NP1WfT+WWmbuv/hbamDv1D9iC/w:/yodruh86r29cMqB1AiWWmitlcsw
Score

10^/10

redline diza discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedizadiscoveryinfostealerpersistence