redline | 55440bf680d4b947e341695136199bbd6ad8b3cf5c39a112b40faa1e73a809fc | Triage

Sharing

General

Target

55440bf680d4b947e341695136199bbd6ad8b3cf5c39a112b40faa1e73a809fc
Size

376KB
Sample

241111-cct4kszgpa
MD5

014f68b15f1ad96765569f3a57f619bf
SHA1

6f5fb81dbc114c1302d567d4fd339a2ac95f8975
SHA256

55440bf680d4b947e341695136199bbd6ad8b3cf5c39a112b40faa1e73a809fc
SHA512

70a3cde16db693dbfb4c9e9c154fc98dfa8c72b396e336da55ca097ca55120114fa54a9af2a7c93bfa98945ef9c3e4b581f57b9ee48a2116a6773025d8f0113e
SSDEEP

6144:Kqy+bnr+4p0yN90QEVHmoFmJE+/nEfbvIVcA0cWaKOcVPEtJ6uOGxosYZQ1c3:6Mroy90jFEE5QV8aK7V0U/sYec3

Score

10^/10

redline discovery infostealer persistence

Malware Config

Targets

- Target
  
  55440bf680d4b947e341695136199bbd6ad8b3cf5c39a112b40faa1e73a809fc
- Size
  
  376KB
- MD5
  
  014f68b15f1ad96765569f3a57f619bf
- SHA1
  
  6f5fb81dbc114c1302d567d4fd339a2ac95f8975
- SHA256
  
  55440bf680d4b947e341695136199bbd6ad8b3cf5c39a112b40faa1e73a809fc
- SHA512
  
  70a3cde16db693dbfb4c9e9c154fc98dfa8c72b396e336da55ca097ca55120114fa54a9af2a7c93bfa98945ef9c3e4b581f57b9ee48a2116a6773025d8f0113e
- SSDEEP
  
  6144:Kqy+bnr+4p0yN90QEVHmoFmJE+/nEfbvIVcA0cWaKOcVPEtJ6uOGxosYZQ1c3:6Mroy90jFEE5QV8aK7V0U/sYec3
Score

10^/10

redline discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerpersistence