redline | 071e7bf16b9aa13f7734d4569fb8c0c5cb33993f6f093a3960d0c175f1dcc6b0 | Triage

Sharing

General

Target

071e7bf16b9aa13f7734d4569fb8c0c5cb33993f6f093a3960d0c175f1dcc6b0N
Size

175KB
Sample

241110-z6tq8svgkp
MD5

0af8ac8e620c90a3e9ca3e1267e54060
SHA1

3e448a1983d699a43943cdca1ee8324d53e9c7a5
SHA256

071e7bf16b9aa13f7734d4569fb8c0c5cb33993f6f093a3960d0c175f1dcc6b0
SHA512

b73f46e2c6911e0904ea657b5866447ec97765d856c30671f45bd1585121048c822061ba300756afb1b640d4f0ad84b4f0be59d68ff57759abba35718c5405ae
SSDEEP

3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih

Score

10^/10

redline from discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

from

C2

176.113.115.145:4125

Attributes

auth_value
8633e283485822a4a48f0a41d5397566

Targets

- Target
  
  071e7bf16b9aa13f7734d4569fb8c0c5cb33993f6f093a3960d0c175f1dcc6b0N
- Size
  
  175KB
- MD5
  
  0af8ac8e620c90a3e9ca3e1267e54060
- SHA1
  
  3e448a1983d699a43943cdca1ee8324d53e9c7a5
- SHA256
  
  071e7bf16b9aa13f7734d4569fb8c0c5cb33993f6f093a3960d0c175f1dcc6b0
- SHA512
  
  b73f46e2c6911e0904ea657b5866447ec97765d856c30671f45bd1585121048c822061ba300756afb1b640d4f0ad84b4f0be59d68ff57759abba35718c5405ae
- SSDEEP
  
  3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOm:mqZg/Z6XJIih
Score

10^/10

redline from discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefromdiscoveryinfostealer

behavioral2

redlinefromdiscoveryinfostealer