redline | a14bde97180adcb9b68b679d487e64f88b2df45f4cd6b2b32632903799b61938 | Triage

Sharing

General

Target

a14bde97180adcb9b68b679d487e64f88b2df45f4cd6b2b32632903799b61938N.exe
Size

168KB
Sample

241205-jc2lzsvkaw
MD5

644b7391feb6abf434fa2b03384bcee0
SHA1

a0df44e2ef33f635f39416dc87e2c403ba4e30bf
SHA256

a14bde97180adcb9b68b679d487e64f88b2df45f4cd6b2b32632903799b61938
SHA512

19f323adfa3c6841ed53ed015ab9b667b54d8e3fb559d41ecc0ee1e90a11e09b9fb953a9830f2646f3e64f0c83ffe9101a0f119994476a796501fcac122d0dd7
SSDEEP

1536:XxB0RhlTQqlVZRGWggKbrGawXXkLYppppn/GTGqV0buXtXJKmE7n483wYkd8e8h1:XmtGRWUEppppn7qVMQZKmE7n4r8e8h1

Score

10^/10

redline dariy discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

dariy

C2

217.196.96.101:4132

Attributes

auth_value
2f34aa0d1cb1023a826825b68ebedcc8

Targets

- Target
  
  a14bde97180adcb9b68b679d487e64f88b2df45f4cd6b2b32632903799b61938N.exe
- Size
  
  168KB
- MD5
  
  644b7391feb6abf434fa2b03384bcee0
- SHA1
  
  a0df44e2ef33f635f39416dc87e2c403ba4e30bf
- SHA256
  
  a14bde97180adcb9b68b679d487e64f88b2df45f4cd6b2b32632903799b61938
- SHA512
  
  19f323adfa3c6841ed53ed015ab9b667b54d8e3fb559d41ecc0ee1e90a11e09b9fb953a9830f2646f3e64f0c83ffe9101a0f119994476a796501fcac122d0dd7
- SSDEEP
  
  1536:XxB0RhlTQqlVZRGWggKbrGawXXkLYppppn/GTGqV0buXtXJKmE7n483wYkd8e8h1:XmtGRWUEppppn7qVMQZKmE7n4r8e8h1
Score

10^/10

redline dariy discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedariydiscoveryinfostealer

behavioral2

redlinedariydiscoveryinfostealer