redline | f90c830b1429e250a709a6ec1a7d3f9a67599d39d45dd6bfb0ff185a12b43e5e | Triage

Sharing

General

Target

f90c830b1429e250a709a6ec1a7d3f9a67599d39d45dd6bfb0ff185a12b43e5e
Size

565KB
Sample

241110-xg13xashrf
MD5

437f1a1008d04beb255b3435da5ae67a
SHA1

69c15a52c3acb8b386f5b7e0dd9a6fc86d08a152
SHA256

f90c830b1429e250a709a6ec1a7d3f9a67599d39d45dd6bfb0ff185a12b43e5e
SHA512

ff95fd91d0b95d1432957bf543b49124e5a85cb986e5371242a06b8ee0dd25f17f9e4153035290fa0236bbcc611877d771dc4739256d9b45b15b26c37ed5bde0
SSDEEP

12288:HMrRy90XfhjmUHigSayoMY1le4pqTlmp8cWtJ7KPLvUX8:yyUxti7aoYD2lmproo3

Score

10^/10

redline darm discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes

auth_value
d88ac8ccc04ab9979b04b46313db1648

Targets

- Target
  
  f90c830b1429e250a709a6ec1a7d3f9a67599d39d45dd6bfb0ff185a12b43e5e
- Size
  
  565KB
- MD5
  
  437f1a1008d04beb255b3435da5ae67a
- SHA1
  
  69c15a52c3acb8b386f5b7e0dd9a6fc86d08a152
- SHA256
  
  f90c830b1429e250a709a6ec1a7d3f9a67599d39d45dd6bfb0ff185a12b43e5e
- SHA512
  
  ff95fd91d0b95d1432957bf543b49124e5a85cb986e5371242a06b8ee0dd25f17f9e4153035290fa0236bbcc611877d771dc4739256d9b45b15b26c37ed5bde0
- SSDEEP
  
  12288:HMrRy90XfhjmUHigSayoMY1le4pqTlmp8cWtJ7KPLvUX8:yyUxti7aoYD2lmproo3
Score

10^/10

redline darm discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarmdiscoveryinfostealerpersistence