redline | e066725d1da49e6fe75c14be80c53df852c0890bce4332ccdb990f3c434a7241 | Triage

Sharing

General

Target

e066725d1da49e6fe75c14be80c53df852c0890bce4332ccdb990f3c434a7241
Size

1.5MB
Sample

241111-b3k3xssqem
MD5

7eda7c90383c65582a8307635f2ee7e4
SHA1

3b5516c788b67eebc9a71e1f5867b046b8a07b34
SHA256

e066725d1da49e6fe75c14be80c53df852c0890bce4332ccdb990f3c434a7241
SHA512

ca030ad553e0afb79935a66f652b1c9daecbafff6a3269a1ec8d0d47eb7fd8b9a637bf834e42cc2fc02b535e3484de79818133327a2c5c4f0bf23fd52f81fd1b
SSDEEP

24576:ZyCVZYYA4UILwue+HFjZ8WnimwW+ym/R2GCYxT5j33N1nEggJbyQVoQmaafBY:MWYYQIcIgWIf1/REs5j3jnEto6+5

Score

10^/10

redline most discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes

auth_value
7da4dfa153f2919e617aa016f7c36008

Targets

- Target
  
  e066725d1da49e6fe75c14be80c53df852c0890bce4332ccdb990f3c434a7241
- Size
  
  1.5MB
- MD5
  
  7eda7c90383c65582a8307635f2ee7e4
- SHA1
  
  3b5516c788b67eebc9a71e1f5867b046b8a07b34
- SHA256
  
  e066725d1da49e6fe75c14be80c53df852c0890bce4332ccdb990f3c434a7241
- SHA512
  
  ca030ad553e0afb79935a66f652b1c9daecbafff6a3269a1ec8d0d47eb7fd8b9a637bf834e42cc2fc02b535e3484de79818133327a2c5c4f0bf23fd52f81fd1b
- SSDEEP
  
  24576:ZyCVZYYA4UILwue+HFjZ8WnimwW+ym/R2GCYxT5j33N1nEggJbyQVoQmaafBY:MWYYQIcIgWIf1/REs5j3jnEto6+5
Score

10^/10

redline most discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemostdiscoveryinfostealerpersistence