redline | ea7fdf3481351ec37052dfce65cd36ca157336089eecd4135584684acb2f9485 | Triage

Sharing

General

Target

ea7fdf3481351ec37052dfce65cd36ca157336089eecd4135584684acb2f9485N.exe
Size

145KB
Sample

241119-2f5f6atqc1
MD5

dbc41295c1cd315fb87b3486d2ede270
SHA1

6f7af86113f923da006809c2590c0006bcafc803
SHA256

ea7fdf3481351ec37052dfce65cd36ca157336089eecd4135584684acb2f9485
SHA512

be9818ecca9f773d874ad0bf93498ecb9f779811f05c88ffded431ce5c8cd4399fffd81ae1a958cfc97989e20135727a583498c33403c1235c7e28e446b0e457
SSDEEP

3072:nV+m5czQmRS9I6E24dl3CZz3FhRZG8e8hT:njKmE2WcTFhR8

Score

10^/10

redline masta discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

masta

C2

185.161.248.75:4132

Attributes

auth_value
57f23b6b74d0f680c5a0c8ac9f52bd75

Targets

- Target
  
  ea7fdf3481351ec37052dfce65cd36ca157336089eecd4135584684acb2f9485N.exe
- Size
  
  145KB
- MD5
  
  dbc41295c1cd315fb87b3486d2ede270
- SHA1
  
  6f7af86113f923da006809c2590c0006bcafc803
- SHA256
  
  ea7fdf3481351ec37052dfce65cd36ca157336089eecd4135584684acb2f9485
- SHA512
  
  be9818ecca9f773d874ad0bf93498ecb9f779811f05c88ffded431ce5c8cd4399fffd81ae1a958cfc97989e20135727a583498c33403c1235c7e28e446b0e457
- SSDEEP
  
  3072:nV+m5czQmRS9I6E24dl3CZz3FhRZG8e8hT:njKmE2WcTFhR8
Score

10^/10

redline masta discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinemastadiscoveryinfostealer

behavioral2

redlinemastadiscoveryinfostealer