redline | 74c1cf5da41ad632afd329aa18ddadf0c3f41af57f429f185110034effa78d8a | Triage

Sharing

General

Target

74c1cf5da41ad632afd329aa18ddadf0c3f41af57f429f185110034effa78d8a
Size

470KB
Sample

241110-ppjjtszlhn
MD5

0b86a145a69bcb9eb03264635b83a051
SHA1

5ee5962b8de2ae8043a7081c80f770c5de920485
SHA256

74c1cf5da41ad632afd329aa18ddadf0c3f41af57f429f185110034effa78d8a
SHA512

bdae126effe325ce57dac4533ba657abe8841159fc5d87c296f4abaf1eb4d612a1e04a8aed8a4f4d16d4133a6b53422681ebd9cf7ad2e58b3f2fe7aafcee25e4
SSDEEP

12288:qMrGy90ZI/kYOV6eHsVyrxJ+NsoT1PMriO8:QyKI8YE6eB2MriV

Score

10^/10

redline fukia discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fukia

C2

193.233.20.13:4136

Attributes

auth_value
e5783636fbd9e4f0cf9a017bce02e67e

Targets

- Target
  
  74c1cf5da41ad632afd329aa18ddadf0c3f41af57f429f185110034effa78d8a
- Size
  
  470KB
- MD5
  
  0b86a145a69bcb9eb03264635b83a051
- SHA1
  
  5ee5962b8de2ae8043a7081c80f770c5de920485
- SHA256
  
  74c1cf5da41ad632afd329aa18ddadf0c3f41af57f429f185110034effa78d8a
- SHA512
  
  bdae126effe325ce57dac4533ba657abe8841159fc5d87c296f4abaf1eb4d612a1e04a8aed8a4f4d16d4133a6b53422681ebd9cf7ad2e58b3f2fe7aafcee25e4
- SSDEEP
  
  12288:qMrGy90ZI/kYOV6eHsVyrxJ+NsoT1PMriO8:QyKI8YE6eB2MriV
Score

10^/10

redline fukia discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefukiadiscoveryinfostealerpersistence