redline | 5780810e969d1744281c29d6261873cd53590732ea821c3cd0ee3d7b4e91659a | Triage

Sharing

General

Target

5780810e969d1744281c29d6261873cd53590732ea821c3cd0ee3d7b4e91659a
Size

536KB
Sample

241107-trl5ysvmb1
MD5

b8b9f963ba262ad560f7a2a0d7f33904
SHA1

1e9b306e6b76eba7378e4a1c8aff1dc0ea32fceb
SHA256

5780810e969d1744281c29d6261873cd53590732ea821c3cd0ee3d7b4e91659a
SHA512

5aa093e301e647892d39f01dbfdb5d8db73540c33cb80031a0f970d842cdb43514105c047f4c2955dc888d24bfc0dfc5bb088d8491d06f8ec891dcc635dbbb45
SSDEEP

12288:g6HVq+h1mt7K5N43fwt97mjfhQIQm3WPwGpe4ct:JHQg1IK5yYXqb6IXz4ct

Score

10^/10

redline diza discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.126:19046

Attributes

auth_value
0d09b419c8bc967f91c68be4a17e92ee

Targets

- Target
  
  0dd0400b4e1b03d8dddfa68961843b2312ccf6bc7ffa8162567b56d3762e8d0a.exe
- Size
  
  580KB
- MD5
  
  2f04ac814a59dafca189e603d18d196d
- SHA1
  
  29148efe87f9303a07a05b45afeec232139243b0
- SHA256
  
  0dd0400b4e1b03d8dddfa68961843b2312ccf6bc7ffa8162567b56d3762e8d0a
- SHA512
  
  aafc6953a4d136c4e0c0de728e6481bc733cd07bdbc4f14c8839f38caf53c7e6f1db8bc7d21397cf61dca0fe73c724ebf6b803da8ee567a319935aed9d6bb77a
- SSDEEP
  
  12288:fMrNy90f5MI+IauHzi0A2Ok3k4uzkAxKtP9GzFzeIEG:GyqCVYS2Q4uzPxKWzFeIb
Score

10^/10

redline diza discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedizadiscoveryinfostealerpersistence