redline | aa6c2c3b04168cd516848a1885db5f4e475931ea9cfdf97547f1491889336e42 | Triage

Sharing

General

Target

aa6c2c3b04168cd516848a1885db5f4e475931ea9cfdf97547f1491889336e42
Size

1.2MB
Sample

241114-bsvjls1rbs
MD5

9fc49682ef7c531882ca92c6fadda89c
SHA1

6e97ffe94dfce9f6d3fd9947678816aa5bb4f91b
SHA256

aa6c2c3b04168cd516848a1885db5f4e475931ea9cfdf97547f1491889336e42
SHA512

a25da1aafb278acf18b9ea7263c0640af13854de417070654b37748c1dbffe525058ae2376b4709dca5fd010689a447b077487a07a6a4f99981e6374bbf491a5
SSDEEP

24576:KyQZ0/xEeS78FqRsWPUpgBf56cncQ1xhK7GLYwnGUEu:RaJeS78FkxPXfIccQ1xU7GLYwn5

Score

10^/10

redline most discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes

auth_value
7da4dfa153f2919e617aa016f7c36008

Targets

- Target
  
  aa6c2c3b04168cd516848a1885db5f4e475931ea9cfdf97547f1491889336e42
- Size
  
  1.2MB
- MD5
  
  9fc49682ef7c531882ca92c6fadda89c
- SHA1
  
  6e97ffe94dfce9f6d3fd9947678816aa5bb4f91b
- SHA256
  
  aa6c2c3b04168cd516848a1885db5f4e475931ea9cfdf97547f1491889336e42
- SHA512
  
  a25da1aafb278acf18b9ea7263c0640af13854de417070654b37748c1dbffe525058ae2376b4709dca5fd010689a447b077487a07a6a4f99981e6374bbf491a5
- SSDEEP
  
  24576:KyQZ0/xEeS78FqRsWPUpgBf56cncQ1xhK7GLYwnGUEu:RaJeS78FkxPXfIccQ1xU7GLYwn5
Score

10^/10

redline most discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemostdiscoveryinfostealerpersistence