redline | a0ee11d0b7e5d320c729f6cf1765dc7ae8c1cbbaf2f03298c8fb93e1cc3ff064 | Triage

Sharing

General

Target

a0ee11d0b7e5d320c729f6cf1765dc7ae8c1cbbaf2f03298c8fb93e1cc3ff064
Size

474KB
Sample

241111-acd19aybqc
MD5

507f5d5663662fb6a5d84e3f5516ad18
SHA1

54af8fcc323e343a431ac3b3ce0b0d6906aaff96
SHA256

a0ee11d0b7e5d320c729f6cf1765dc7ae8c1cbbaf2f03298c8fb93e1cc3ff064
SHA512

478435d01193d2c35d2624e9200f284497d48d737560d39f0388d1cad52eb9ca8cf7dee50bd7387cb689ebb82787dcad397ba5a810c757956fbd0d564352571f
SSDEEP

6144:K4y+bnr+cp0yN90QEDSy1r20P9TjzTXfvtJ05LElvaxttIemtWPj3TCzgt8n:AMroy908U2W7T9J02haxUesWP35t8n

Score

10^/10

redline fusa discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fusa

C2

193.233.20.12:4132

Attributes

auth_value
a08b2f01bd2af756e38c5dd60e87e697

Targets

- Target
  
  a0ee11d0b7e5d320c729f6cf1765dc7ae8c1cbbaf2f03298c8fb93e1cc3ff064
- Size
  
  474KB
- MD5
  
  507f5d5663662fb6a5d84e3f5516ad18
- SHA1
  
  54af8fcc323e343a431ac3b3ce0b0d6906aaff96
- SHA256
  
  a0ee11d0b7e5d320c729f6cf1765dc7ae8c1cbbaf2f03298c8fb93e1cc3ff064
- SHA512
  
  478435d01193d2c35d2624e9200f284497d48d737560d39f0388d1cad52eb9ca8cf7dee50bd7387cb689ebb82787dcad397ba5a810c757956fbd0d564352571f
- SSDEEP
  
  6144:K4y+bnr+cp0yN90QEDSy1r20P9TjzTXfvtJ05LElvaxttIemtWPj3TCzgt8n:AMroy908U2W7T9J02haxUesWP35t8n
Score

10^/10

redline fusa discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefusadiscoveryinfostealerpersistence