redline | a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885 | Triage

Submit
Reports

Overview

overview

Static

static

3

a85aaa7775...85.exe

windows7-x64

a85aaa7775...85.exe

windows10-2004-x64

Sharing

General

Target

a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885.exe
Size

4.5MB
Sample

241124-j2qk1sxmdn
MD5

bb8883780ec2c58acfe054bdb3b40c8b
SHA1

5b619c5a25a53c6daddf97ceda6927fb676c5c12
SHA256

a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885
SHA512

c4eab85d0ff25339fc51cd3f57fb68858708adfa3680b298365f8a8064a59d1aac04d765ca69ce648d8a00f3d67d143a84ee44ba361d4d08262cf48ea9ddefba
SSDEEP

98304:PL+HAppIOhPI21+GoZNwCIqeBxZXtJ4UPkeGZyT9vJbbEY6:685IKvwZedXdcGT9vKt

Score

10^/10

redline @litr3x discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885.exe

Resource

win7-20241010-en

redline @litr3x discovery infostealer

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885.exe

Resource

win10v2004-20241007-en

redline @litr3x discovery infostealer

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

@LiTr3x

C2

185.215.113.79:41465

Attributes

auth_value
3e9eda97b6589ac15756de0ba010d48f

Targets

- Target
  
  a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885.exe
- Size
  
  4.5MB
- MD5
  
  bb8883780ec2c58acfe054bdb3b40c8b
- SHA1
  
  5b619c5a25a53c6daddf97ceda6927fb676c5c12
- SHA256
  
  a85aaa7775f8e4fcc433265a6942ba077ea5bc7e5d1adaec9bb7736cc0817885
- SHA512
  
  c4eab85d0ff25339fc51cd3f57fb68858708adfa3680b298365f8a8064a59d1aac04d765ca69ce648d8a00f3d67d143a84ee44ba361d4d08262cf48ea9ddefba
- SSDEEP
  
  98304:PL+HAppIOhPI21+GoZNwCIqeBxZXtJ4UPkeGZyT9vJbbEY6:685IKvwZedXdcGT9vKt
Score

10^/10

redline @litr3x discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@litr3xdiscoveryinfostealer

behavioral2

redline@litr3xdiscoveryinfostealer

© 2018-2024

Terms | Privacy