redline | 9c1ae8110a6dbfa1e10e72f7cb85d92bda8fc9258d4dfb4cb7d56c46a588060e | Triage

Sharing

General

Target

9c1ae8110a6dbfa1e10e72f7cb85d92bda8fc9258d4dfb4cb7d56c46a588060e
Size

1.1MB
Sample

241110-tx4beszmbz
MD5

2486cea3f13755d6eedcf5c0001bec31
SHA1

a8f71f163583dda2f4131a5d5c793294582c14ac
SHA256

9c1ae8110a6dbfa1e10e72f7cb85d92bda8fc9258d4dfb4cb7d56c46a588060e
SHA512

e832c83da1796ea64188e053db8525336c985a8d28f42875e7bdc065f48a416748bd219e4684fd81e883501b21af8fe7309996644ff09817babf459ae1bfc178
SSDEEP

12288:ZMr3y90faOUok5MZjkWP7kt5h/7uyVm6WBlfBA+7pkS0Z9si0726UzXbZqtYp2OX:Ky7OW1Ht5BbE7R0jsmXzU2NJF8denTr

Score

10^/10

redline doma discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

doma

C2

185.161.248.75:4132

Attributes

auth_value
8be53af7f78567706928d0abef953ef4

Targets

- Target
  
  9c1ae8110a6dbfa1e10e72f7cb85d92bda8fc9258d4dfb4cb7d56c46a588060e
- Size
  
  1.1MB
- MD5
  
  2486cea3f13755d6eedcf5c0001bec31
- SHA1
  
  a8f71f163583dda2f4131a5d5c793294582c14ac
- SHA256
  
  9c1ae8110a6dbfa1e10e72f7cb85d92bda8fc9258d4dfb4cb7d56c46a588060e
- SHA512
  
  e832c83da1796ea64188e053db8525336c985a8d28f42875e7bdc065f48a416748bd219e4684fd81e883501b21af8fe7309996644ff09817babf459ae1bfc178
- SSDEEP
  
  12288:ZMr3y90faOUok5MZjkWP7kt5h/7uyVm6WBlfBA+7pkS0Z9si0726UzXbZqtYp2OX:Ky7OW1Ht5BbE7R0jsmXzU2NJF8denTr
Score

10^/10

redline doma discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedomadiscoveryinfostealerpersistence