redline | 044808206b15c3f6e76d7607021c374d0fa9e133827385c1dfc6b7e7ae546381 | Triage

Sharing

General

Target

9ebb001120623104748a010573e1ebc2eabeea7a
Size

364KB
Sample

241110-18e7aszlar
MD5

96a78796fdd39d809a78fb05829ff763
SHA1

9ebb001120623104748a010573e1ebc2eabeea7a
SHA256

044808206b15c3f6e76d7607021c374d0fa9e133827385c1dfc6b7e7ae546381
SHA512

8249e8c81a8706d39427cb0f7c8504e6531417e2e7b84b11fa6180122e879e62cb7fb2e33452af49ea57a11eba9beb82f578ee8f873b2b4178cd405db72d8dc1
SSDEEP

6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv

Score

10^/10

redline 0002 discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

0002

C2

13.72.81.58:13413

Attributes

auth_value
866ce0ed8cfe2be77fb43a4912677698

Targets

- Target
  
  9ebb001120623104748a010573e1ebc2eabeea7a
- Size
  
  364KB
- MD5
  
  96a78796fdd39d809a78fb05829ff763
- SHA1
  
  9ebb001120623104748a010573e1ebc2eabeea7a
- SHA256
  
  044808206b15c3f6e76d7607021c374d0fa9e133827385c1dfc6b7e7ae546381
- SHA512
  
  8249e8c81a8706d39427cb0f7c8504e6531417e2e7b84b11fa6180122e879e62cb7fb2e33452af49ea57a11eba9beb82f578ee8f873b2b4178cd405db72d8dc1
- SSDEEP
  
  6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv
Score

10^/10

redline 0002 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline0002discoveryinfostealer

behavioral2

redline0002discoveryinfostealer