redline | 2c4efdfb19431bd2ec167338854f543bbd8ab23006998655a3e873edb305dc17 | Triage

Sharing

General

Target

2c4efdfb19431bd2ec167338854f543bbd8ab23006998655a3e873edb305dc17.exe
Size

104KB
Sample

241123-2jh3bsznh1
MD5

ba8b55a96e88ceaec6c2170b7b0a14b5
SHA1

53fb893fa25cbf4adda4e0d8afdc017430fedcb4
SHA256

2c4efdfb19431bd2ec167338854f543bbd8ab23006998655a3e873edb305dc17
SHA512

bb1bc61f234afd2f5e0920bbbb0a0af6e245e04789a0dc5ce258513f18b8b9fa24c2aafb9448d7e14dedc0b1e6a3423b9654c05ff5c31771a87f5b76533dc1a2
SSDEEP

3072:pag0s5bLjlp5qg0mJvVNbk7gMZPV4IJvBZn9Zq:xTbLjlp5qg0ENraDdvq

Score

10^/10

redline roocrash v2.5 discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

RooCrash V2.5

C2

92.246.89.23:21869

Attributes

auth_value
de96507e639360f7a16601c22d57c808

Targets

- Target
  
  2c4efdfb19431bd2ec167338854f543bbd8ab23006998655a3e873edb305dc17.exe
- Size
  
  104KB
- MD5
  
  ba8b55a96e88ceaec6c2170b7b0a14b5
- SHA1
  
  53fb893fa25cbf4adda4e0d8afdc017430fedcb4
- SHA256
  
  2c4efdfb19431bd2ec167338854f543bbd8ab23006998655a3e873edb305dc17
- SHA512
  
  bb1bc61f234afd2f5e0920bbbb0a0af6e245e04789a0dc5ce258513f18b8b9fa24c2aafb9448d7e14dedc0b1e6a3423b9654c05ff5c31771a87f5b76533dc1a2
- SSDEEP
  
  3072:pag0s5bLjlp5qg0mJvVNbk7gMZPV4IJvBZn9Zq:xTbLjlp5qg0ENraDdvq
Score

10^/10

redline roocrash v2.5 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

roocrash v2.5redline

behavioral1

redlineroocrash v2.5discoveryinfostealer

behavioral2

redlineroocrash v2.5discoveryinfostealer