redline | e64b5fd46c03309346fd18af82ab0e74594b4951b70d61d0641e32d8df628365 | Triage

Sharing

General

Target

e64b5fd46c03309346fd18af82ab0e74594b4951b70d61d0641e32d8df628365
Size

641KB
Sample

241110-f7vkdatmdl
MD5

b31afc4c3e3c602f73e9b950cb0ad998
SHA1

e749453b14b5f8fa1648b9fead4f13edb2790c47
SHA256

e64b5fd46c03309346fd18af82ab0e74594b4951b70d61d0641e32d8df628365
SHA512

eced81289b68e8198b075d0d053411bd90dd4d40141b3bbadea29f76a3b594724f5b6b634c5eee010b795b66440a53f8c4c37111da4e972e4d29a1d3501f913b
SSDEEP

12288:NMrxy90T5+ewasznSw1vXr9kWogc40OJcPMl7l9p2dEPbIatUYhmwn:kyNvXhkW9sG9wdEPbIatKwn

Score

10^/10

redline darm discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes

auth_value
d88ac8ccc04ab9979b04b46313db1648

Targets

- Target
  
  e64b5fd46c03309346fd18af82ab0e74594b4951b70d61d0641e32d8df628365
- Size
  
  641KB
- MD5
  
  b31afc4c3e3c602f73e9b950cb0ad998
- SHA1
  
  e749453b14b5f8fa1648b9fead4f13edb2790c47
- SHA256
  
  e64b5fd46c03309346fd18af82ab0e74594b4951b70d61d0641e32d8df628365
- SHA512
  
  eced81289b68e8198b075d0d053411bd90dd4d40141b3bbadea29f76a3b594724f5b6b634c5eee010b795b66440a53f8c4c37111da4e972e4d29a1d3501f913b
- SSDEEP
  
  12288:NMrxy90T5+ewasznSw1vXr9kWogc40OJcPMl7l9p2dEPbIatUYhmwn:kyNvXhkW9sG9wdEPbIatKwn
Score

10^/10

redline darm discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarmdiscoveryinfostealerpersistence