redline | 99d3db7df116c5c903adfa36b7737dd7a2a77ce5970621ace31e560def653901 | Triage

Sharing

General

Target

99d3db7df116c5c903adfa36b7737dd7a2a77ce5970621ace31e560def653901
Size

754KB
Sample

241106-rz57pa1mes
MD5

6a64de7e5de482f3ef22aba0140c3c4f
SHA1

fc0a38cbb779baba6411d748275bbfc75e327309
SHA256

99d3db7df116c5c903adfa36b7737dd7a2a77ce5970621ace31e560def653901
SHA512

c5d82d8144f9849a8f78d769f869341b532bf670f164f52cb6dd6090cb73cb4ae849ae74e47b1fd061250f5d4d3a695fa6964811f4b5a46eafa86d89fb1bcc89
SSDEEP

12288:6Mr5y90lSglzgROOH8zT6xUZrqaWRGpA5I2mZtsyHz47BFilaHiv3dk8IM6zT1+o:TyRgWJH26xim7GpApKlHk9CXdk5H1+k5

Score

10^/10

redline diza discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.127:19045

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Targets

- Target
  
  99d3db7df116c5c903adfa36b7737dd7a2a77ce5970621ace31e560def653901
- Size
  
  754KB
- MD5
  
  6a64de7e5de482f3ef22aba0140c3c4f
- SHA1
  
  fc0a38cbb779baba6411d748275bbfc75e327309
- SHA256
  
  99d3db7df116c5c903adfa36b7737dd7a2a77ce5970621ace31e560def653901
- SHA512
  
  c5d82d8144f9849a8f78d769f869341b532bf670f164f52cb6dd6090cb73cb4ae849ae74e47b1fd061250f5d4d3a695fa6964811f4b5a46eafa86d89fb1bcc89
- SSDEEP
  
  12288:6Mr5y90lSglzgROOH8zT6xUZrqaWRGpA5I2mZtsyHz47BFilaHiv3dk8IM6zT1+o:TyRgWJH26xim7GpApKlHk9CXdk5H1+k5
Score

10^/10

redline diza discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedizadiscoveryinfostealerpersistence