redline | 56a4cdf8e1b0495ed616771f89503cb7d61db1b0dd50ea1b109d3794799da385 | Triage

Submit
Reports

Overview

overview

Static

static

1

i586.elf

ubuntu-22.04-amd64

Sharing

General

Target

i586.elf
Size

84KB
Sample

241129-vzddfsslfr
MD5

f4c7c1923b70ef59b7f6497b566cf4e1
SHA1

ff1140096069212e88aad285ed2d9018b028a92a
SHA256

56a4cdf8e1b0495ed616771f89503cb7d61db1b0dd50ea1b109d3794799da385
SHA512

fc7071f23c47c20b70cbac52f2dff30cef4d1dbf5acee86c1c6bb238e85eb8628f2e296296902d62ed2581e6161e214779ea8e7de4b5a4503754fde73d2fead9
SSDEEP

1536:MMVHgID0gMG8lecoq52lp3lwNE0NhW+2h3Ab2m5C+6RsU731k9HXquJr:MQgIDx8wcoq52lpK57Wxh3eRwO9nt

Score

10^/10

redline antivm defense_evasion discovery infostealer linux

Static task

static1

Behavioral task

behavioral1

Sample

i586.elf

Resource

ubuntu2204-amd64-20240611-en

redline antivm defense_evasion discovery infostealer

ubuntu-22.04-amd64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  i586.elf
- Size
  
  84KB
- MD5
  
  f4c7c1923b70ef59b7f6497b566cf4e1
- SHA1
  
  ff1140096069212e88aad285ed2d9018b028a92a
- SHA256
  
  56a4cdf8e1b0495ed616771f89503cb7d61db1b0dd50ea1b109d3794799da385
- SHA512
  
  fc7071f23c47c20b70cbac52f2dff30cef4d1dbf5acee86c1c6bb238e85eb8628f2e296296902d62ed2581e6161e214779ea8e7de4b5a4503754fde73d2fead9
- SSDEEP
  
  1536:MMVHgID0gMG8lecoq52lp3lwNE0NhW+2h3Ab2m5C+6RsU731k9HXquJr:MQgIDx8wcoq52lpK57Wxh3eRwO9nt
Score

10^/10

redline antivm defense_evasion discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Redline family
  redline
- Contacts a large (35360) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Renames itself
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Network Service Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineantivmdefense_evasiondiscoveryinfostealer

© 2018-2025

Terms | Privacy