redline | 4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d | Triage

Submit
Reports

Overview

overview

Static

static

3

4aad97cc0c...6d.exe

windows7-x64

4aad97cc0c...6d.exe

windows10-2004-x64

Sharing

General

Target

4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d.exe
Size

859KB
Sample

241122-w3ldxawjhw
MD5

4ce03c4d64798295436854f66bd6b65c
SHA1

9b361cb195f5debf9f9fcbe42137cb33f93b0081
SHA256

4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d
SHA512

3f11a0250575066146bcba237ae575f6dee9fbc34d05acefddb477d2bbb28664bc82fe66ce1ae3632e450bc524eb307b2286e792b2da8c6d1695f4cf1787398f
SSDEEP

12288:YOdplud53QIolhA9s0SjEOm17avNGpWasRDuhyOLQXpC3WFlMZPvyRlgNr8+WGuq:7/g3Q1lhACERAGpWGpU5SXyRSNXD3iv8

Score

10^/10

redline @tupa187 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d.exe

Resource

win7-20241010-en

redline @tupa187 discovery infostealer

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d.exe

Resource

win10v2004-20241007-en

redline @tupa187 discovery infostealer

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

@tupa187

C2

95.181.152.6:46927

Attributes

auth_value
cdf3919a262c0d6ba99116b375d7551c

Targets

- Target
  
  4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d.exe
- Size
  
  859KB
- MD5
  
  4ce03c4d64798295436854f66bd6b65c
- SHA1
  
  9b361cb195f5debf9f9fcbe42137cb33f93b0081
- SHA256
  
  4aad97cc0c95e6fa14e2edc38efea25a0cd0bf703664d6cee8dc56ae72b4c06d
- SHA512
  
  3f11a0250575066146bcba237ae575f6dee9fbc34d05acefddb477d2bbb28664bc82fe66ce1ae3632e450bc524eb307b2286e792b2da8c6d1695f4cf1787398f
- SSDEEP
  
  12288:YOdplud53QIolhA9s0SjEOm17avNGpWasRDuhyOLQXpC3WFlMZPvyRlgNr8+WGuq:7/g3Q1lhACERAGpWGpU5SXyRSNXD3iv8
Score

10^/10

redline @tupa187 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@tupa187discoveryinfostealer

behavioral2

redline@tupa187discoveryinfostealer

© 2018-2024

Terms | Privacy