redline | 20a124ee1cdd6f9968520ee4066b866b0c8fe82a73e0121cdfc7d713c8183f67 | Triage

Sharing

General

Target

20a124ee1cdd6f9968520ee4066b866b0c8fe82a73e0121cdfc7d713c8183f67
Size

426KB
Sample

241110-swlvbazbjj
MD5

0b44be0c80f2da15d960cd1a0df485ef
SHA1

53b7a6922e3ef3f3bea1ecea47faeb9411bca389
SHA256

20a124ee1cdd6f9968520ee4066b866b0c8fe82a73e0121cdfc7d713c8183f67
SHA512

5bb4164b8afe82bd536a2727ce495e27fff3f46205032f0ca98f03a09020aa010e6e8a5c71a5f90fcf5f891453c10ed4ef4f3f2b529f405540c5eeb259c69418
SSDEEP

6144:n5lFsBEHW9HkEORFRS2CfPubFPrlwuD9p0ZJBnSOCadzyIpH8XyFBgK6yDsodWqQ:na5uh/bFpwurYSE0Ip20g/yDsiWYsn

Score

10^/10

redline fukia discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fukia

C2

193.233.20.13:4136

Attributes

auth_value
e5783636fbd9e4f0cf9a017bce02e67e

Targets

- Target
  
  fe854ddec5c7621d98c1fc8c0ac33c67fa273783e0a37bcc360f60b6e4e5f31e.exe
- Size
  
  477KB
- MD5
  
  c5660c1ebb1311c810a7d122cfd73d25
- SHA1
  
  fc70616e0d7a1a7e674ab6618c7aa195244ab341
- SHA256
  
  fe854ddec5c7621d98c1fc8c0ac33c67fa273783e0a37bcc360f60b6e4e5f31e
- SHA512
  
  89053825fb335afdf0cbd0334e84b94e8b1724a6a87dfad30c5842ebb895daa0bb3d2eeeb6303394a7231e24757648f9ae8843b457afe8067668a7f3c75e2efc
- SSDEEP
  
  6144:Kuy+bnr+jp0yN90QEOtJMQrXVLrQzb15NeWE3BE2T3HMyVwPkSzcunIQLJE2MAmK:qMrTy908tJbrtrE3E1T3PVwPkLXQXMy
Score

10^/10

redline fukia discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefukiadiscoveryinfostealerpersistence