redline | e3a63dec431448ebf227ead9b8d5435c181a6db312e9590145e1a493dab5e774 | Triage

Sharing

General

Target

e3a63dec431448ebf227ead9b8d5435c181a6db312e9590145e1a493dab5e774
Size

469KB
Sample

241106-txyqyawlck
MD5

b308169716c4efcd1e6cf30834cfab18
SHA1

fbff05a7f1dad690bdbd619f7ecd6937b0e06a69
SHA256

e3a63dec431448ebf227ead9b8d5435c181a6db312e9590145e1a493dab5e774
SHA512

8d67432d1627b6261ba5c0ceb22aa0668c6f714ace95a85340b343a16e9e3a670d4a49ff0f6fe8a2cf99ed7e44b0c4aaf18478c88f7458ba82f8916e99304858
SSDEEP

6144:K7y+bnr+nkp0yN90QErD2/PCznzLlWphveMQ+pOacCbtsjSeHjkdfWYxEhY+VlZ:9Mrcy90Z2kzLkf9Q4x6WfTEakZ

Score

10^/10

redline fukia discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fukia

C2

193.233.20.13:4136

Attributes

auth_value
e5783636fbd9e4f0cf9a017bce02e67e

Targets

- Target
  
  e3a63dec431448ebf227ead9b8d5435c181a6db312e9590145e1a493dab5e774
- Size
  
  469KB
- MD5
  
  b308169716c4efcd1e6cf30834cfab18
- SHA1
  
  fbff05a7f1dad690bdbd619f7ecd6937b0e06a69
- SHA256
  
  e3a63dec431448ebf227ead9b8d5435c181a6db312e9590145e1a493dab5e774
- SHA512
  
  8d67432d1627b6261ba5c0ceb22aa0668c6f714ace95a85340b343a16e9e3a670d4a49ff0f6fe8a2cf99ed7e44b0c4aaf18478c88f7458ba82f8916e99304858
- SSDEEP
  
  6144:K7y+bnr+nkp0yN90QErD2/PCznzLlWphveMQ+pOacCbtsjSeHjkdfWYxEhY+VlZ:9Mrcy90Z2kzLkf9Q4x6WfTEakZ
Score

10^/10

redline fukia discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefukiadiscoveryinfostealerpersistence