redline | 6822eb1aff53fb4bdaea87306e8f9a815f07275e71bd55731fbbaa704f79d369 | Triage

Sharing

General

Target

6822eb1aff53fb4bdaea87306e8f9a815f07275e71bd55731fbbaa704f79d369
Size

479KB
Sample

241111-f33p7atell
MD5

6ca5468364f5c18b99ed3093a3a6ab93
SHA1

bb9780484558839d5941c7039931bd9515fb51d7
SHA256

6822eb1aff53fb4bdaea87306e8f9a815f07275e71bd55731fbbaa704f79d369
SHA512

44c32f1f940603e5b2084ace7246c1e1c777e5bfb765143c9098237f9dcaa316e26a05f23f7c62ad03f93137b5b73994d4f1d069b0f482e92ac56ebe7a265e06
SSDEEP

12288:XMrEy90jroITXNvu8sayu4QJN8fbn8SVj0jQTa5Jhy:LyDIb4ayLC4n7kQTT

Score

10^/10

redline dumud discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

dumud

C2

217.196.96.101:4132

Attributes

auth_value
3e18d4b90418aa3e78d8822e87c62f5c

Targets

- Target
  
  6822eb1aff53fb4bdaea87306e8f9a815f07275e71bd55731fbbaa704f79d369
- Size
  
  479KB
- MD5
  
  6ca5468364f5c18b99ed3093a3a6ab93
- SHA1
  
  bb9780484558839d5941c7039931bd9515fb51d7
- SHA256
  
  6822eb1aff53fb4bdaea87306e8f9a815f07275e71bd55731fbbaa704f79d369
- SHA512
  
  44c32f1f940603e5b2084ace7246c1e1c777e5bfb765143c9098237f9dcaa316e26a05f23f7c62ad03f93137b5b73994d4f1d069b0f482e92ac56ebe7a265e06
- SSDEEP
  
  12288:XMrEy90jroITXNvu8sayu4QJN8fbn8SVj0jQTa5Jhy:LyDIb4ayLC4n7kQTT
Score

10^/10

redline dumud discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedumuddiscoveryinfostealerpersistence