redline | 3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26 | Triage

Sharing

General

Target

3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
Size

479KB
Sample

241111-cdz18ayrbt
MD5

c3bee8f6205cea445b6d4bff688a7c86
SHA1

2e60eb8161dd24c073d73b62cf485dcee00cd6e3
SHA256

3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
SHA512

d21b03111b0e70397b5af9e94c47060adca3e58f56898d6416777ff6691753b6e2a2f2f6f9f84121a5f5207ac1bdff3d918fc3016d957e353d953bab484f28e1
SSDEEP

6144:Khy+bnr+Mp0yN90QEBsBdsFepZkeP93bUjqodCOcKyBIv1ijn0t8TlXwIpxZ54UW:DMrYy90bsBeKgdqKyU9t8xXwyrHWJLl

Score

10^/10

redline ditro discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

ditro

C2

217.196.96.101:4132

Attributes

auth_value
8f24ed370a9b24aa28d3d634ea57912e

Targets

- Target
  
  3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
- Size
  
  479KB
- MD5
  
  c3bee8f6205cea445b6d4bff688a7c86
- SHA1
  
  2e60eb8161dd24c073d73b62cf485dcee00cd6e3
- SHA256
  
  3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
- SHA512
  
  d21b03111b0e70397b5af9e94c47060adca3e58f56898d6416777ff6691753b6e2a2f2f6f9f84121a5f5207ac1bdff3d918fc3016d957e353d953bab484f28e1
- SSDEEP
  
  6144:Khy+bnr+Mp0yN90QEBsBdsFepZkeP93bUjqodCOcKyBIv1ijn0t8TlXwIpxZ54UW:DMrYy90bsBeKgdqKyU9t8xXwyrHWJLl
Score

10^/10

redline ditro discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineditrodiscoveryinfostealerpersistence