redline | 7f112eae96e60e1e4b2428e255097329312874605766f789c630a663b8b0d574 | Triage

Sharing

General

Target

7f112eae96e60e1e4b2428e255097329312874605766f789c630a663b8b0d574
Size

566KB
Sample

241111-e266jssgmq
MD5

4acd7cb8ba4f991136a4034983994a2e
SHA1

08e573339181465569095ce7b8b637b44cca7d4e
SHA256

7f112eae96e60e1e4b2428e255097329312874605766f789c630a663b8b0d574
SHA512

be483cc561a562e7a62ebdba82eb71dae18662303de669336e86b4ad4eb5de1430e1196d524cf0e81e90dda67818eae86a4967f94183a0a23812513e86c664f7
SSDEEP

12288:eMrZy90Iy1qAA5ZGkHm8cNNcXvrl7KaGAD4pfZAuv:ny333lm86qJXGUa

Score

10^/10

redline darm discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes

auth_value
d88ac8ccc04ab9979b04b46313db1648

Targets

- Target
  
  7f112eae96e60e1e4b2428e255097329312874605766f789c630a663b8b0d574
- Size
  
  566KB
- MD5
  
  4acd7cb8ba4f991136a4034983994a2e
- SHA1
  
  08e573339181465569095ce7b8b637b44cca7d4e
- SHA256
  
  7f112eae96e60e1e4b2428e255097329312874605766f789c630a663b8b0d574
- SHA512
  
  be483cc561a562e7a62ebdba82eb71dae18662303de669336e86b4ad4eb5de1430e1196d524cf0e81e90dda67818eae86a4967f94183a0a23812513e86c664f7
- SSDEEP
  
  12288:eMrZy90Iy1qAA5ZGkHm8cNNcXvrl7KaGAD4pfZAuv:ny333lm86qJXGUa
Score

10^/10

redline darm discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarmdiscoveryinfostealerpersistence