redline | 62701743e7873627246728a2c9ea0f47bb2e7496df52635864e26adeb0a4f4b9 | Triage

Sharing

General

Target

62701743e7873627246728a2c9ea0f47bb2e7496df52635864e26adeb0a4f4b9N.exe
Size

168KB
Sample

241124-j9tbwa1rbv
MD5

46eb52fce5d4072d90de6c39a389c390
SHA1

97304f9e710a75bb1a3e2fe9207725629231be8e
SHA256

62701743e7873627246728a2c9ea0f47bb2e7496df52635864e26adeb0a4f4b9
SHA512

b47c66821ef8cc37bc8b5b54b84911416320741bbad541a0e2150a31dc1a3df16a4a514e99e2bb6142e06d32d17dd670cd26b4e54feb32128c5708c35772d335
SSDEEP

3072:iKAauIg8WXywg4y1LqVcwUN2rRK0J8e8hx:iKAfrszeRK0J

Score

10^/10

redline divan discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

divan

C2

217.196.96.102:4132

Attributes

auth_value
b414986bebd7f5a3ec9aee0341b8e769

Targets

- Target
  
  62701743e7873627246728a2c9ea0f47bb2e7496df52635864e26adeb0a4f4b9N.exe
- Size
  
  168KB
- MD5
  
  46eb52fce5d4072d90de6c39a389c390
- SHA1
  
  97304f9e710a75bb1a3e2fe9207725629231be8e
- SHA256
  
  62701743e7873627246728a2c9ea0f47bb2e7496df52635864e26adeb0a4f4b9
- SHA512
  
  b47c66821ef8cc37bc8b5b54b84911416320741bbad541a0e2150a31dc1a3df16a4a514e99e2bb6142e06d32d17dd670cd26b4e54feb32128c5708c35772d335
- SSDEEP
  
  3072:iKAauIg8WXywg4y1LqVcwUN2rRK0J8e8hx:iKAfrszeRK0J
Score

10^/10

redline divan discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedivandiscoveryinfostealer

behavioral2

redlinedivandiscoveryinfostealer