redline | ae5650267f944d9a1de3448639ac7498adc7046869ec02dbd17b217befb65fdc | Triage

Sharing

General

Target

ae5650267f944d9a1de3448639ac7498adc7046869ec02dbd17b217befb65fdc
Size

479KB
Sample

241110-1csshswcmf
MD5

86b587f1ca5bd2b317f3a45cee1e8d30
SHA1

a9b6e10a60c2dfeea3c8493258a59e7563f26e0e
SHA256

ae5650267f944d9a1de3448639ac7498adc7046869ec02dbd17b217befb65fdc
SHA512

197ab54726e680cce2e6d415c14445c49cc4f6aaf59a42f9d8cc13c34faf12c3109e0408fbd6883d6ff86beb6243f2e15917a14a9b3f84e92363de78580c6cff
SSDEEP

6144:KDy+bnr+1p0yN90QELeO8yl3lzNZj71wK7LIgRvDgBU+5WDp38Y+DIXk2V9pZfRi:ZMrBy90EOtlz7j71w9XU+43sa9zEl5

Score

10^/10

redline daris discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

daris

C2

217.196.96.56:4138

Attributes

auth_value
3491f24ae0250969cd45ce4b3fe77549

Targets

- Target
  
  ae5650267f944d9a1de3448639ac7498adc7046869ec02dbd17b217befb65fdc
- Size
  
  479KB
- MD5
  
  86b587f1ca5bd2b317f3a45cee1e8d30
- SHA1
  
  a9b6e10a60c2dfeea3c8493258a59e7563f26e0e
- SHA256
  
  ae5650267f944d9a1de3448639ac7498adc7046869ec02dbd17b217befb65fdc
- SHA512
  
  197ab54726e680cce2e6d415c14445c49cc4f6aaf59a42f9d8cc13c34faf12c3109e0408fbd6883d6ff86beb6243f2e15917a14a9b3f84e92363de78580c6cff
- SSDEEP
  
  6144:KDy+bnr+1p0yN90QELeO8yl3lzNZj71wK7LIgRvDgBU+5WDp38Y+DIXk2V9pZfRi:ZMrBy90EOtlz7j71w9XU+43sa9zEl5
Score

10^/10

redline daris discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarisdiscoveryinfostealerpersistence