redline | fbfb470973135803a543cd71e58d6b70aff6be3bf060721bf711fd98fcf4387a | Triage

Sharing

General

Target

fbfb470973135803a543cd71e58d6b70aff6be3bf060721bf711fd98fcf4387aN.exe
Size

200KB
Sample

241120-bzag1syamr
MD5

cfe4d6a68b72d3c5d8d583d75585fd00
SHA1

a55c424d9a6aaa9ab7913c24d1cbd26a7db299a9
SHA256

fbfb470973135803a543cd71e58d6b70aff6be3bf060721bf711fd98fcf4387a
SHA512

fb4a5e90389772832448a676ebb6ac9f753b7ce5e9affbbdd21ba14ff3d1449257731679f55585af09f403a68cbce9c71dfd0e7161eee2219da737a954eca87b
SSDEEP

3072:KXy+bnr+O1g5GWp1icKAArDZz4N9GhbkrNEk6bzacxnKSfSyxmlY7:KXy+bnr+Xp0yN90QEhzZxnKSnz

Score

10^/10

redline fusa discovery infostealer persistence

Malware Config

Extracted

Family

redline

Botnet

fusa

C2

193.233.20.12:4132

Attributes

auth_value
a08b2f01bd2af756e38c5dd60e87e697

Targets

- Target
  
  fbfb470973135803a543cd71e58d6b70aff6be3bf060721bf711fd98fcf4387aN.exe
- Size
  
  200KB
- MD5
  
  cfe4d6a68b72d3c5d8d583d75585fd00
- SHA1
  
  a55c424d9a6aaa9ab7913c24d1cbd26a7db299a9
- SHA256
  
  fbfb470973135803a543cd71e58d6b70aff6be3bf060721bf711fd98fcf4387a
- SHA512
  
  fb4a5e90389772832448a676ebb6ac9f753b7ce5e9affbbdd21ba14ff3d1449257731679f55585af09f403a68cbce9c71dfd0e7161eee2219da737a954eca87b
- SSDEEP
  
  3072:KXy+bnr+O1g5GWp1icKAArDZz4N9GhbkrNEk6bzacxnKSfSyxmlY7:KXy+bnr+Xp0yN90QEhzZxnKSnz
Score

10^/10

redline fusa discovery infostealer persistence
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefusadiscoveryinfostealerpersistence