redline | b50b7d44cb9baf6343b8441c01607e2533d79fc835431d342a35d36a2800611d | Triage

Sharing

General

Target

ae05d200e26599f323d25fc715588ab3cb5ef19aa7120af93fd9329c021dac44N.exe
Size

170KB
Sample

241111-asj77s1qar
MD5

5450da0887c3cb15122743c2fc1617b3
SHA1

2d3683178715dd593c22f04f9b0bac7568432900
SHA256

b50b7d44cb9baf6343b8441c01607e2533d79fc835431d342a35d36a2800611d
SHA512

335fa049dd31870fc2512f56512ae986f66149984d3635761a7521f51df80f4060e8ad75a3de43fa6705a71cb66add17a64ac2bef1f5d58b50bb2cb3ea68c989
SSDEEP

3072:zbo2i9G9tCQUqVY+FRV1Qw88GjEop8e8hba:zbo2ik9E+F9Qw88GjEopb

Score

10^/10

redline zima discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

zima

C2

176.113.115.145:4125

Attributes

auth_value
2ef701d510c0d27e8a8e3270281678b1

Targets

- Target
  
  ae05d200e26599f323d25fc715588ab3cb5ef19aa7120af93fd9329c021dac44N.exe
- Size
  
  170KB
- MD5
  
  5450da0887c3cb15122743c2fc1617b3
- SHA1
  
  2d3683178715dd593c22f04f9b0bac7568432900
- SHA256
  
  b50b7d44cb9baf6343b8441c01607e2533d79fc835431d342a35d36a2800611d
- SHA512
  
  335fa049dd31870fc2512f56512ae986f66149984d3635761a7521f51df80f4060e8ad75a3de43fa6705a71cb66add17a64ac2bef1f5d58b50bb2cb3ea68c989
- SSDEEP
  
  3072:zbo2i9G9tCQUqVY+FRV1Qw88GjEop8e8hba:zbo2ik9E+F9Qw88GjEopb
Score

10^/10

redline zima discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinezimadiscoveryinfostealer

behavioral2

redlinezimadiscoveryinfostealer