redline | 343f5d41aee4d2b7259b3b2eff0146657c1bdd729e87b1e8e244ca31b9b67461 | Triage

Sharing

General

Target

343f5d41aee4d2b7259b3b2eff0146657c1bdd729e87b1e8e244ca31b9b67461
Size

556KB
Sample

241111-kkanxazndr
MD5

4cd6ce12c18ec971d1f9d7e6c191e178
SHA1

cfebafa10cc55b933cf7293a604bc906a5bd8437
SHA256

343f5d41aee4d2b7259b3b2eff0146657c1bdd729e87b1e8e244ca31b9b67461
SHA512

9ad49066b1a262b897f1c6de89453294d5b4edf18e39ab4c13bf1bc3f7ac2d85303a48cae034e94df10bad23a3a6b020db8e87f1fc7f1c3d5dc14b4c23dd1100
SSDEEP

12288:ZMrCy90iXztzjgyhowq0XfJo5TtYOas13BMTq7W:3ybJ3gpwrdOaixMT6W

Score

10^/10

redline darm discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

darm

C2

217.196.96.56:4138

Attributes

auth_value
d88ac8ccc04ab9979b04b46313db1648

Targets

- Target
  
  343f5d41aee4d2b7259b3b2eff0146657c1bdd729e87b1e8e244ca31b9b67461
- Size
  
  556KB
- MD5
  
  4cd6ce12c18ec971d1f9d7e6c191e178
- SHA1
  
  cfebafa10cc55b933cf7293a604bc906a5bd8437
- SHA256
  
  343f5d41aee4d2b7259b3b2eff0146657c1bdd729e87b1e8e244ca31b9b67461
- SHA512
  
  9ad49066b1a262b897f1c6de89453294d5b4edf18e39ab4c13bf1bc3f7ac2d85303a48cae034e94df10bad23a3a6b020db8e87f1fc7f1c3d5dc14b4c23dd1100
- SSDEEP
  
  12288:ZMrCy90iXztzjgyhowq0XfJo5TtYOas13BMTq7W:3ybJ3gpwrdOaixMT6W
Score

10^/10

redline darm discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedarmdiscoveryinfostealerpersistence