redline | a7a1fa981a4fb80db7d6fbd65b330f821eb120c0a404cd191f4b6d42a00c147a | Triage

Sharing

General

Target

a7a1fa981a4fb80db7d6fbd65b330f821eb120c0a404cd191f4b6d42a00c147a.exe
Size

420KB
Sample

241123-r4hl7asrfl
MD5

d4dd3f15ab4d717eb36ee02e7644df87
SHA1

21b9d79a3c9189716ef02f305157cd98d85b9096
SHA256

a7a1fa981a4fb80db7d6fbd65b330f821eb120c0a404cd191f4b6d42a00c147a
SHA512

95dc1ed3d62aa45226c136145d61c2a1433c2152fe8ab2f6e8f0e75768854e33b7c4f52ccd9a409bcab5e7917cd33a2c54b4bbd3b391c997ca0d18b20e4e6cfe
SSDEEP

12288:KySmWyompH3niYkfgV1VezWB0TzUkCds5EMKbXVrzsK:7SxyosH3i9gVj6XU05Enlrl

Score

10^/10

redline 5 discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

5

C2

80.87.192.249:16640

Attributes

auth_value
3e4c638c72124e45bcf5164456741cce

Targets

- Target
  
  a7a1fa981a4fb80db7d6fbd65b330f821eb120c0a404cd191f4b6d42a00c147a.exe
- Size
  
  420KB
- MD5
  
  d4dd3f15ab4d717eb36ee02e7644df87
- SHA1
  
  21b9d79a3c9189716ef02f305157cd98d85b9096
- SHA256
  
  a7a1fa981a4fb80db7d6fbd65b330f821eb120c0a404cd191f4b6d42a00c147a
- SHA512
  
  95dc1ed3d62aa45226c136145d61c2a1433c2152fe8ab2f6e8f0e75768854e33b7c4f52ccd9a409bcab5e7917cd33a2c54b4bbd3b391c997ca0d18b20e4e6cfe
- SSDEEP
  
  12288:KySmWyompH3niYkfgV1VezWB0TzUkCds5EMKbXVrzsK:7SxyosH3i9gVj6XU05Enlrl
Score

10^/10

redline 5 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline5discoveryinfostealer

behavioral2

redline5discoveryinfostealer