redline | a6ec47b68d75ac20a3f5cf2b200daa632161fc25429170992c1bd12b25458f4e | Triage

Sharing

General

Target

a6ec47b68d75ac20a3f5cf2b200daa632161fc25429170992c1bd12b25458f4e.exe
Size

168KB
Sample

241119-yek5ca1kaz
MD5

7630916f6baefee5420dfe628d163d3c
SHA1

a73901e22cd5c5d9263c2ca18f8cb4a0df1b9dd1
SHA256

a6ec47b68d75ac20a3f5cf2b200daa632161fc25429170992c1bd12b25458f4e
SHA512

4b284a5827ca14c14a18cd6d2b6fb5d40120a9bdce4a9200ac894b78c7d0dd5ad8a7acca36088536213c78f60eaa167125ce8fe012d89872a51d3dfb45ca2652
SSDEEP

1536:jyOHBgqlVZRGWQ3ZrrQUYH9izdOzu2dTGqVibuTjNkZOjgAVU83wYke8e8hfH:jyOhyTI7YqV2KqZOjgAVUw8e8hfH

Score

10^/10

redline diza discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

diza

C2

77.91.124.145:4125

Attributes

auth_value
bbab0d2f0ae4d4fdd6b17077d93b3e80

Targets

- Target
  
  a6ec47b68d75ac20a3f5cf2b200daa632161fc25429170992c1bd12b25458f4e.exe
- Size
  
  168KB
- MD5
  
  7630916f6baefee5420dfe628d163d3c
- SHA1
  
  a73901e22cd5c5d9263c2ca18f8cb4a0df1b9dd1
- SHA256
  
  a6ec47b68d75ac20a3f5cf2b200daa632161fc25429170992c1bd12b25458f4e
- SHA512
  
  4b284a5827ca14c14a18cd6d2b6fb5d40120a9bdce4a9200ac894b78c7d0dd5ad8a7acca36088536213c78f60eaa167125ce8fe012d89872a51d3dfb45ca2652
- SSDEEP
  
  1536:jyOHBgqlVZRGWQ3ZrrQUYH9izdOzu2dTGqVibuTjNkZOjgAVU83wYke8e8hfH:jyOhyTI7YqV2KqZOjgAVUw8e8hfH
Score

10^/10

redline diza discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedizadiscoveryinfostealer

behavioral2

redlinedizadiscoveryinfostealer