redline | 9c5531b0156a8265a745d0c900a939664f503577f72e47b7cd753dd4b7c36a22 | Triage

Sharing

General

Target

9c5531b0156a8265a745d0c900a939664f503577f72e47b7cd753dd4b7c36a22
Size

479KB
Sample

241110-scjwlsylaw
MD5

3115590e625254a3d9bf4252bf995659
SHA1

9f8a45cb9e5050e5e709fd8b491462106caa5c4d
SHA256

9c5531b0156a8265a745d0c900a939664f503577f72e47b7cd753dd4b7c36a22
SHA512

52a33a82f3b8c5dfd7b50f8a15a75f56298b14214464be3af84196264f9badf9e14005bbca0b0234e24b41509f92f5af4f4b92a92b3d22e780466fb0ce31b5e4
SSDEEP

12288:JMrey90/Itjl4VEGmE/DU8tJeRk7vZwu/0wuHLoA3:3yVllax/DU8tb7vZv8oA3

Score

10^/10

redline dumud discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

dumud

C2

217.196.96.101:4132

Attributes

auth_value
3e18d4b90418aa3e78d8822e87c62f5c

Targets

- Target
  
  9c5531b0156a8265a745d0c900a939664f503577f72e47b7cd753dd4b7c36a22
- Size
  
  479KB
- MD5
  
  3115590e625254a3d9bf4252bf995659
- SHA1
  
  9f8a45cb9e5050e5e709fd8b491462106caa5c4d
- SHA256
  
  9c5531b0156a8265a745d0c900a939664f503577f72e47b7cd753dd4b7c36a22
- SHA512
  
  52a33a82f3b8c5dfd7b50f8a15a75f56298b14214464be3af84196264f9badf9e14005bbca0b0234e24b41509f92f5af4f4b92a92b3d22e780466fb0ce31b5e4
- SSDEEP
  
  12288:JMrey90/Itjl4VEGmE/DU8tJeRk7vZwu/0wuHLoA3:3yVllax/DU8tb7vZv8oA3
Score

10^/10

redline dumud discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedumuddiscoveryinfostealerpersistence