redline | b04d292ebb745b28099104e579b5d0aea75e8dc164bace5a943eb46767825c00 | Triage

Sharing

General

Target

b04d292ebb745b28099104e579b5d0aea75e8dc164bace5a943eb46767825c00
Size

642KB
Sample

241110-gx8vpa1jav
MD5

71b9c7a08d4ca044ef3a748fd3f458c3
SHA1

6442795333fded41c22adc47ccef8556908905bc
SHA256

b04d292ebb745b28099104e579b5d0aea75e8dc164bace5a943eb46767825c00
SHA512

032c5ca7ef349b0dda32f21d1a8d4ce330faaebac2865bb8896ce0237f19eabe18d6c72aa3db2dd32a829460ac0692314f5a9c5c5e80ece92621eb492bd12255
SSDEEP

12288:sMrFy90OHm6myiHXg4i6X8Lro7VUQLegvklac4:xyBWXK6X8ro726tvX

Score

10^/10

redline darm discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes

auth_value
d88ac8ccc04ab9979b04b46313db1648

Targets

- Target
  
  b04d292ebb745b28099104e579b5d0aea75e8dc164bace5a943eb46767825c00
- Size
  
  642KB
- MD5
  
  71b9c7a08d4ca044ef3a748fd3f458c3
- SHA1
  
  6442795333fded41c22adc47ccef8556908905bc
- SHA256
  
  b04d292ebb745b28099104e579b5d0aea75e8dc164bace5a943eb46767825c00
- SHA512
  
  032c5ca7ef349b0dda32f21d1a8d4ce330faaebac2865bb8896ce0237f19eabe18d6c72aa3db2dd32a829460ac0692314f5a9c5c5e80ece92621eb492bd12255
- SSDEEP
  
  12288:sMrFy90OHm6myiHXg4i6X8Lro7VUQLegvklac4:xyBWXK6X8ro726tvX
Score

10^/10

redline darm discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarmdiscoveryinfostealerpersistence