redline | d1a29ffa42b1cfeb8daf43256f8ebe7b3bb9db99c724a5ea3ec54d932e8217e0 | Triage

Sharing

General

Target

d1a29ffa42b1cfeb8daf43256f8ebe7b3bb9db99c724a5ea3ec54d932e8217e0
Size

724KB
Sample

241110-3pfd3axgra
MD5

de29e907e5c328e6c8a6f77b7567ba9c
SHA1

f1671567f5a417e43da76628b67a09000f13253a
SHA256

d1a29ffa42b1cfeb8daf43256f8ebe7b3bb9db99c724a5ea3ec54d932e8217e0
SHA512

543c9d66d8fb9cd30434d84df9a82a6989ca7661a2fad6a9733f2900e6c37f7723db3202a5052ce89ae77c4c24cbdc9f3e6f76e35037591bb0705f5a172fc71c
SSDEEP

12288:RMryy90uIFwWcXBxjXMmc2Ohkt0Og88VZgIPCaBZ7ksB/eAE5h7C5zum:7ylmX0Bxj8mc2Ohkt0V88VZgI68VbwHK

Score

10^/10

redline fusa discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fusa

C2

193.233.20.12:4132

Attributes

auth_value
a08b2f01bd2af756e38c5dd60e87e697

Targets

- Target
  
  d1a29ffa42b1cfeb8daf43256f8ebe7b3bb9db99c724a5ea3ec54d932e8217e0
- Size
  
  724KB
- MD5
  
  de29e907e5c328e6c8a6f77b7567ba9c
- SHA1
  
  f1671567f5a417e43da76628b67a09000f13253a
- SHA256
  
  d1a29ffa42b1cfeb8daf43256f8ebe7b3bb9db99c724a5ea3ec54d932e8217e0
- SHA512
  
  543c9d66d8fb9cd30434d84df9a82a6989ca7661a2fad6a9733f2900e6c37f7723db3202a5052ce89ae77c4c24cbdc9f3e6f76e35037591bb0705f5a172fc71c
- SSDEEP
  
  12288:RMryy90uIFwWcXBxjXMmc2Ohkt0Og88VZgIPCaBZ7ksB/eAE5h7C5zum:7ylmX0Bxj8mc2Ohkt0V88VZgI68VbwHK
Score

10^/10

redline fusa discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefusadiscoveryinfostealerpersistence