redline | 9f22fd459b79af3f2007f145925b6be844fb1306a5f5c3e3416c8a8ed1bd2151 | Triage

Sharing

General

Target

9f22fd459b79af3f2007f145925b6be844fb1306a5f5c3e3416c8a8ed1bd2151
Size

479KB
Sample

241110-l8jr6atqbt
MD5

8234fa04dcfbd4107f36505d9882252e
SHA1

5df7b0034c55841ad1b95ce3b06f38b6eaf76a38
SHA256

9f22fd459b79af3f2007f145925b6be844fb1306a5f5c3e3416c8a8ed1bd2151
SHA512

9b6d84aa0d02d5f2e2d0348622f8fb9088ac7c822ff9641e56c45233981b243cd85e31bdd00295394ea9457fd8bf299d27c18978d88bf8fe655bbe2d7f877eb3
SSDEEP

6144:Kvy+bnr+ep0yN90QEoSZ6lZp8FeWPtHUIiQUu2ghwVW+M80CplYO7n9e/Cvf1tyY:5MrKy90jZMZp8zUZVbplB51vfXfV

Score

10^/10

redline dumud discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

dumud

C2

217.196.96.101:4132

Attributes

auth_value
3e18d4b90418aa3e78d8822e87c62f5c

Targets

- Target
  
  9f22fd459b79af3f2007f145925b6be844fb1306a5f5c3e3416c8a8ed1bd2151
- Size
  
  479KB
- MD5
  
  8234fa04dcfbd4107f36505d9882252e
- SHA1
  
  5df7b0034c55841ad1b95ce3b06f38b6eaf76a38
- SHA256
  
  9f22fd459b79af3f2007f145925b6be844fb1306a5f5c3e3416c8a8ed1bd2151
- SHA512
  
  9b6d84aa0d02d5f2e2d0348622f8fb9088ac7c822ff9641e56c45233981b243cd85e31bdd00295394ea9457fd8bf299d27c18978d88bf8fe655bbe2d7f877eb3
- SSDEEP
  
  6144:Kvy+bnr+ep0yN90QEoSZ6lZp8FeWPtHUIiQUu2ghwVW+M80CplYO7n9e/Cvf1tyY:5MrKy90jZMZp8zUZVbplB51vfXfV
Score

10^/10

redline dumud discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedumuddiscoveryinfostealerpersistence