redline | 1f3283e83182a3aebad7eeb251aaca026bff54bdcb2743dd8b5df1451c8594a0 | Triage

Sharing

General

Target

1f3283e83182a3aebad7eeb251aaca026bff54bdcb2743dd8b5df1451c8594a0N
Size

843KB
Sample

241114-l1la1sxfmj
MD5

bebcbf9acb801cf5fae814f2ebb07ea0
SHA1

a00ed1d415fbc17e15f226f86ff8b3dd79fd9b35
SHA256

1f3283e83182a3aebad7eeb251aaca026bff54bdcb2743dd8b5df1451c8594a0
SHA512

265b1186a175929b57c19448330ad0ced3ce28c24dbeb3a732fa78767e1b8e46c5fa6ba44036b7f58c007120e57079b0e840af3757a1754773fa1e8d9cd677e6
SSDEEP

12288:1y90dA89VpKtsg5ArlyU3Z5qZf8GnvSqeix8gY7C+fdrAvKJy9Xhr83xdv2:1y69VpKf5xr56qeiJYdACs9XIdv2

Score

10^/10

redline most discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

most

C2

185.161.248.73:4164

Attributes

auth_value
7da4dfa153f2919e617aa016f7c36008

Targets

- Target
  
  1f3283e83182a3aebad7eeb251aaca026bff54bdcb2743dd8b5df1451c8594a0N
- Size
  
  843KB
- MD5
  
  bebcbf9acb801cf5fae814f2ebb07ea0
- SHA1
  
  a00ed1d415fbc17e15f226f86ff8b3dd79fd9b35
- SHA256
  
  1f3283e83182a3aebad7eeb251aaca026bff54bdcb2743dd8b5df1451c8594a0
- SHA512
  
  265b1186a175929b57c19448330ad0ced3ce28c24dbeb3a732fa78767e1b8e46c5fa6ba44036b7f58c007120e57079b0e840af3757a1754773fa1e8d9cd677e6
- SSDEEP
  
  12288:1y90dA89VpKtsg5ArlyU3Z5qZf8GnvSqeix8gY7C+fdrAvKJy9Xhr83xdv2:1y69VpKf5xr56qeiJYdACs9XIdv2
Score

10^/10

redline most discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemostdiscoveryinfostealerpersistence