redline | b90dd1a5a3d01929e66c49052a366b547bb67702ea702b831fe9e99a20f67828 | Triage

Sharing

General

Target

b90dd1a5a3d01929e66c49052a366b547bb67702ea702b831fe9e99a20f67828
Size

480KB
Sample

241111-a8my2ayhmh
MD5

5aebcd05bcb121c12f4eb51d243c53c7
SHA1

f7388b9f70c0786e5e96b8614dc59323f9f6e859
SHA256

b90dd1a5a3d01929e66c49052a366b547bb67702ea702b831fe9e99a20f67828
SHA512

469461a1d282eba1d763d46a46b9280eeab46914455e4588e8c810313bcc02910b9204f3adfedf3e50e69e77a53d3fb435ca7e655118f28370ccd87cf90e21f7
SSDEEP

12288:6MrSy90sKcQ52uqy1MYVs7yj7Log2mvDL75:MywcXuPOYpj7LD/75

Score

10^/10

redline discovery infostealer persistence

Malware Config

Targets

- Target
  
  b90dd1a5a3d01929e66c49052a366b547bb67702ea702b831fe9e99a20f67828
- Size
  
  480KB
- MD5
  
  5aebcd05bcb121c12f4eb51d243c53c7
- SHA1
  
  f7388b9f70c0786e5e96b8614dc59323f9f6e859
- SHA256
  
  b90dd1a5a3d01929e66c49052a366b547bb67702ea702b831fe9e99a20f67828
- SHA512
  
  469461a1d282eba1d763d46a46b9280eeab46914455e4588e8c810313bcc02910b9204f3adfedf3e50e69e77a53d3fb435ca7e655118f28370ccd87cf90e21f7
- SSDEEP
  
  12288:6MrSy90sKcQ52uqy1MYVs7yj7Log2mvDL75:MywcXuPOYpj7LD/75
Score

10^/10

redline discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerpersistence