redline | ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4 | Triage

Sharing

General

Target

ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
Size

602KB
Sample

241106-qshbls1cnd
MD5

1f47c4d24a14f869aefef7057cbdb578
SHA1

5a13c99f8b60e30f0326eb7f4e4780a86b933cb5
SHA256

ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
SHA512

ede8fec8ef2ac0bb066089af440c661508357bce72da0159d2edbd1c1266aa6eded8935f6ac2e8f471a1ea3b66a5cebddb481b3b6c55d192ffada9d1b1ae359a
SSDEEP

12288:GMr9y90xrOlXM1BmEsYUmdWLNDJ73O67ldawn3j07:DyaOXWOySNDJDXaQ3j07

Score

10^/10

redline diza discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.129:19068

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Targets

- Target
  
  ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
- Size
  
  602KB
- MD5
  
  1f47c4d24a14f869aefef7057cbdb578
- SHA1
  
  5a13c99f8b60e30f0326eb7f4e4780a86b933cb5
- SHA256
  
  ad899ebc75e725ff8553a27b5c79c99c86867483ddf66a7f76a25d4f1edfd1b4
- SHA512
  
  ede8fec8ef2ac0bb066089af440c661508357bce72da0159d2edbd1c1266aa6eded8935f6ac2e8f471a1ea3b66a5cebddb481b3b6c55d192ffada9d1b1ae359a
- SSDEEP
  
  12288:GMr9y90xrOlXM1BmEsYUmdWLNDJ73O67ldawn3j07:DyaOXWOySNDJDXaQ3j07
Score

10^/10

redline diza discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedizadiscoveryinfostealerpersistence