redline | 34ecdfdbbf38d2f84fe340c5063cebb0fb2d170e45f7163a851bd89cc4f56acb | Triage

Sharing

General

Target

34ecdfdbbf38d2f84fe340c5063cebb0fb2d170e45f7163a851bd89cc4f56acb
Size

64KB
Sample

241111-cftbfstjhp
MD5

64b295b9b579393fe1b8f0f4913492fa
SHA1

c49055608cea92964758f6b3d5652edb083a2ef9
SHA256

34ecdfdbbf38d2f84fe340c5063cebb0fb2d170e45f7163a851bd89cc4f56acb
SHA512

292265e906ea346922da76360da4deb7e5d99f987569855334e82dd70fdf6de8660a9609d7ba601f9667c24b22669409ce9ae41e1bb989ef006c1cdd8fbcd500
SSDEEP

1536:5zwor+IrwuyX6PBWu7bindNnABpEXIMxsroj+:uPybyXFu7+fnABCIMD+

Score

10^/10

redline lagu discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

lagu

C2

217.196.96.101:4132

Attributes

auth_value
8c4969092a4e18461b2347c0aa54b6a5

Targets

- Target
  
  58394ff4e67ca06b5d9c1a7c9ae6e5800c61dba680a13d3ef8ac2b3f55b815ee
- Size
  
  168KB
- MD5
  
  089aff8a6e34b39397fc650c5fe488b3
- SHA1
  
  4b6eb74db7e5d88cd9c6fc21010624d35ddfd155
- SHA256
  
  58394ff4e67ca06b5d9c1a7c9ae6e5800c61dba680a13d3ef8ac2b3f55b815ee
- SHA512
  
  84c605541797c498882441d3209f878dd54937f19423e21719684e2bd02d10c030993e2e24a13e245c1a0eea120a9593d6d045642a19aa8b5421c589aa3d7e66
- SSDEEP
  
  1536:ItfL+g1qlVZRGWSc3r1nn8V/CRE/WXzTGqVobueBclPWowySp83wYkK8e8h+:UTRBInUCK5qVYAhWowygI8e8h+
Score

10^/10

redline lagu discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinelagudiscoveryinfostealer

behavioral2

redlinelagudiscoveryinfostealer