redline | d72e23bf3671a455ddf5ff954d7fe7bf107e573597731120c3a41d14410915a9 | Triage

Sharing

General

Target

3e619dd5b0550be6b260faa8af5b0daf171161ec
Size

208KB
Sample

241111-bmal9azbqh
MD5

fcb61fcf5bf2539c8bcefa97fc4e2d2f
SHA1

3e619dd5b0550be6b260faa8af5b0daf171161ec
SHA256

d72e23bf3671a455ddf5ff954d7fe7bf107e573597731120c3a41d14410915a9
SHA512

735f98d5dd8ddc093dc2fca4d8a6223990529a8c779c2729a9113fe4ea2ce0f75ced3dbd827f6fd36a17815e5f67499b7a7b3a2aba34ac06cac19ba5b1063ad7
SSDEEP

3072:NG5Vw/aRSZQQTeYEk+Qavs3z/N6bdiRSGR2UtEnpDhTq6p:NGA/YsCYI16boZioJDh

Score

10^/10

redline merzel discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

Merzel

C2

20.119.228.194:46014

Attributes

auth_value
e66e45492bb6c2c321e9631c8caee974

Targets

- Target
  
  3e619dd5b0550be6b260faa8af5b0daf171161ec
- Size
  
  208KB
- MD5
  
  fcb61fcf5bf2539c8bcefa97fc4e2d2f
- SHA1
  
  3e619dd5b0550be6b260faa8af5b0daf171161ec
- SHA256
  
  d72e23bf3671a455ddf5ff954d7fe7bf107e573597731120c3a41d14410915a9
- SHA512
  
  735f98d5dd8ddc093dc2fca4d8a6223990529a8c779c2729a9113fe4ea2ce0f75ced3dbd827f6fd36a17815e5f67499b7a7b3a2aba34ac06cac19ba5b1063ad7
- SSDEEP
  
  3072:NG5Vw/aRSZQQTeYEk+Qavs3z/N6bdiRSGR2UtEnpDhTq6p:NGA/YsCYI16boZioJDh
Score

10^/10

redline merzel discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemerzeldiscoveryinfostealer

behavioral2

redlinemerzeldiscoveryinfostealer