redline | c5eda2ef7a5c5cee8c279e16f844aba732203eda618482b523c09aa6842ac067 | Triage

Sharing

General

Target

c5eda2ef7a5c5cee8c279e16f844aba732203eda618482b523c09aa6842ac067
Size

539KB
Sample

241110-3wqhlsyala
MD5

3a057e3067d702fc2d0285a1a4bfa233
SHA1

8d40bf26b0cff91b599a6c844f907f2fb5c6b5cd
SHA256

c5eda2ef7a5c5cee8c279e16f844aba732203eda618482b523c09aa6842ac067
SHA512

450eedc58b098f9777a436736c9b8c43ad0512b4de750ba700c77a9ad6bfa0d2dbf21927c529143a558329454826270cbc15eef8f04dacf36c5f0e136aca2faa
SSDEEP

12288:NMrKy90YC8/k+3w7NJV0e8nQOMF7uSSyCQ:jyZC8z3wD58nQOEaLQ

Score

10^/10

redline fuka discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fuka

C2

193.233.20.11:4131

Attributes

auth_value
90eef520554ef188793d77ecc34217bf

Targets

- Target
  
  c5eda2ef7a5c5cee8c279e16f844aba732203eda618482b523c09aa6842ac067
- Size
  
  539KB
- MD5
  
  3a057e3067d702fc2d0285a1a4bfa233
- SHA1
  
  8d40bf26b0cff91b599a6c844f907f2fb5c6b5cd
- SHA256
  
  c5eda2ef7a5c5cee8c279e16f844aba732203eda618482b523c09aa6842ac067
- SHA512
  
  450eedc58b098f9777a436736c9b8c43ad0512b4de750ba700c77a9ad6bfa0d2dbf21927c529143a558329454826270cbc15eef8f04dacf36c5f0e136aca2faa
- SSDEEP
  
  12288:NMrKy90YC8/k+3w7NJV0e8nQOMF7uSSyCQ:jyZC8z3wD58nQOEaLQ
Score

10^/10

redline fuka discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefukadiscoveryinfostealerpersistence