redline | f31d9030c5d189c69e04fdf53d1f930521dfda80cafd8467544da8f6a72bcb6d | Triage

Sharing

General

Target

f31d9030c5d189c69e04fdf53d1f930521dfda80cafd8467544da8f6a72bcb6d
Size

567KB
Sample

241111-fhjrkstbjn
MD5

e462b360679a4f91fc3f980179facaa1
SHA1

54cbcf297853c56f291de4cf62951dd3e8103ae1
SHA256

f31d9030c5d189c69e04fdf53d1f930521dfda80cafd8467544da8f6a72bcb6d
SHA512

54f9c178dcc1e4cad6c262aef57183d3c3a987939cd477c04d3d193a5af46916f86373880390ab4420e7ffa59acb8d83fb9b0ff1a4556f5ff3cd3b10db427c5b
SSDEEP

12288:jMr+y90kBzSAPv+sHgODNoPbTIAQ5L/FLJ7K0U4Di:By7BzXPI7DTIB/FLJ7KN2i

Score

10^/10

redline darm discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes

auth_value
d88ac8ccc04ab9979b04b46313db1648

Targets

- Target
  
  f31d9030c5d189c69e04fdf53d1f930521dfda80cafd8467544da8f6a72bcb6d
- Size
  
  567KB
- MD5
  
  e462b360679a4f91fc3f980179facaa1
- SHA1
  
  54cbcf297853c56f291de4cf62951dd3e8103ae1
- SHA256
  
  f31d9030c5d189c69e04fdf53d1f930521dfda80cafd8467544da8f6a72bcb6d
- SHA512
  
  54f9c178dcc1e4cad6c262aef57183d3c3a987939cd477c04d3d193a5af46916f86373880390ab4420e7ffa59acb8d83fb9b0ff1a4556f5ff3cd3b10db427c5b
- SSDEEP
  
  12288:jMr+y90kBzSAPv+sHgODNoPbTIAQ5L/FLJ7K0U4Di:By7BzXPI7DTIB/FLJ7KN2i
Score

10^/10

redline darm discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarmdiscoveryinfostealerpersistence