redline | 79df011e73f03a7f4ee6eaccccba7f4e03663d8f1ae3d9bd5841fa7dd12eb26e | Triage

Sharing

General

Target

79df011e73f03a7f4ee6eaccccba7f4e03663d8f1ae3d9bd5841fa7dd12eb26e
Size

875KB
Sample

241111-cwdkya1cjf
MD5

c183e5258757bb2e62b68fd1eba81975
SHA1

24524bd5309448440405bd012856afea9119ad84
SHA256

79df011e73f03a7f4ee6eaccccba7f4e03663d8f1ae3d9bd5841fa7dd12eb26e
SHA512

4b9028203e7d36ea71560276446c9ce84ff243fcf6aa578f7f6fd7a22c4a851a2007adf40b9a62cc4680c6572e9ae515acad0f8ace45a8544bfcd1e7cb2c2e07
SSDEEP

24576:nyFy5XL0dkqGoo5n4/Q1tjkIfMUaiYjlUmg:yF+t54/QHjHMWYh

Score

10^/10

redline dimas discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

dimas

C2

185.161.248.75:4132

Attributes

auth_value
a5db9b1c53c704e612bccc93ccdb5539

Targets

- Target
  
  79df011e73f03a7f4ee6eaccccba7f4e03663d8f1ae3d9bd5841fa7dd12eb26e
- Size
  
  875KB
- MD5
  
  c183e5258757bb2e62b68fd1eba81975
- SHA1
  
  24524bd5309448440405bd012856afea9119ad84
- SHA256
  
  79df011e73f03a7f4ee6eaccccba7f4e03663d8f1ae3d9bd5841fa7dd12eb26e
- SHA512
  
  4b9028203e7d36ea71560276446c9ce84ff243fcf6aa578f7f6fd7a22c4a851a2007adf40b9a62cc4680c6572e9ae515acad0f8ace45a8544bfcd1e7cb2c2e07
- SSDEEP
  
  24576:nyFy5XL0dkqGoo5n4/Q1tjkIfMUaiYjlUmg:yF+t54/QHjHMWYh
Score

10^/10

redline dimas discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedimasdiscoveryinfostealerpersistence