redline | 5924f6ed908b32eaed98d4aaa529e0f198a19b23bca2504c484e951c83bcc5da | Triage

Sharing

General

Target

d55f337e99662bf973ad9d4140b938e7bcac4035df5d9a0a8f8f3fafa551f50fN.exe
Size

175KB
Sample

241111-ahsftsxnas
MD5

a7e57ad80eb1cd8e87d2babe51b732c1
SHA1

765c3daeb6a9fe9395f7fd99b705e35ea5eda46e
SHA256

5924f6ed908b32eaed98d4aaa529e0f198a19b23bca2504c484e951c83bcc5da
SHA512

ea3e63f3b3eb538888aab2061f32dce1c88e0923fa75ea54f155645863856a618c08498cba98effd1c832ce60acc06a3701d41bccad5cf282862b520d32afc1d
SSDEEP

3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOS:mqZg/Z6XJIihD

Score

10^/10

redline from discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

from

C2

176.113.115.145:4125

Attributes

auth_value
8633e283485822a4a48f0a41d5397566

Targets

- Target
  
  d55f337e99662bf973ad9d4140b938e7bcac4035df5d9a0a8f8f3fafa551f50fN.exe
- Size
  
  175KB
- MD5
  
  a7e57ad80eb1cd8e87d2babe51b732c1
- SHA1
  
  765c3daeb6a9fe9395f7fd99b705e35ea5eda46e
- SHA256
  
  5924f6ed908b32eaed98d4aaa529e0f198a19b23bca2504c484e951c83bcc5da
- SHA512
  
  ea3e63f3b3eb538888aab2061f32dce1c88e0923fa75ea54f155645863856a618c08498cba98effd1c832ce60acc06a3701d41bccad5cf282862b520d32afc1d
- SSDEEP
  
  3072:4xqZWZRanU2n0/Z62eJ5evJ9ih+PxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOS:mqZg/Z6XJIihD
Score

10^/10

redline from discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefromdiscoveryinfostealer

behavioral2

redlinefromdiscoveryinfostealer