redline | 6763820f80ac6ec7001790ee14bd3d819e58a0de7778dc8056938d30016e7a5a | Triage

Sharing

General

Target

6763820f80ac6ec7001790ee14bd3d819e58a0de7778dc8056938d30016e7a5a
Size

479KB
Sample

241110-3v89bsxkht
MD5

6984679bedc28d34366900bea303f36a
SHA1

809825a74cbf5369aeca55bcb2ee6a27d975ff93
SHA256

6763820f80ac6ec7001790ee14bd3d819e58a0de7778dc8056938d30016e7a5a
SHA512

f0bfedebbedc7f1a3ea55f4c5a69a85beaaae894249fdbfd1f381ce7228f635884b7095aab2b9fe0e6efc44d82fa4b9ecc37ce9ccf10594b7cb4a6ecfbe7fad3
SSDEEP

12288:MMrcy90Ax1OYdUHck+NJOrIVZTPW21lXBTGVu3L3Poc:AyTT7zNXsATPW21lXBQcp

Score

10^/10

redline diwer discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

diwer

C2

217.196.96.101:4132

Attributes

auth_value
42abfa9e4f2e290c8bdbc776fd9bb6ad

Targets

- Target
  
  6763820f80ac6ec7001790ee14bd3d819e58a0de7778dc8056938d30016e7a5a
- Size
  
  479KB
- MD5
  
  6984679bedc28d34366900bea303f36a
- SHA1
  
  809825a74cbf5369aeca55bcb2ee6a27d975ff93
- SHA256
  
  6763820f80ac6ec7001790ee14bd3d819e58a0de7778dc8056938d30016e7a5a
- SHA512
  
  f0bfedebbedc7f1a3ea55f4c5a69a85beaaae894249fdbfd1f381ce7228f635884b7095aab2b9fe0e6efc44d82fa4b9ecc37ce9ccf10594b7cb4a6ecfbe7fad3
- SSDEEP
  
  12288:MMrcy90Ax1OYdUHck+NJOrIVZTPW21lXBTGVu3L3Poc:AyTT7zNXsATPW21lXBQcp
Score

10^/10

redline diwer discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediwerdiscoveryinfostealerpersistence