redline | 7d8eae0fb5daead81c18cf83bcaa68896442159b5fd15bf6d34b15b079b3a9b4 | Triage

Sharing

General

Target

file.exe
Size

300KB
Sample

241209-tpmzgaykck
MD5

3edc68fb9a58f24cbd529d7c0a536757
SHA1

ea62ab146a6b043818078d0b05e7f73444ed4881
SHA256

7d8eae0fb5daead81c18cf83bcaa68896442159b5fd15bf6d34b15b079b3a9b4
SHA512

8475ea0aab4e137565c101ebdf235bb1a370f124c012fe24e88d1ac32b580235d2579b1bd47d9aec94c1322d5c78dc31dc04f54f67b82cbebabf4cdcede82701
SSDEEP

3072:acZqf7D34Tp/0+mA0kywMlQEg85fB1fA0PuTVAtkxz73RMeqiOL2bBOA:acZqf7DItnGCQNB1fA0GTV8kR0L

Score

10^/10

redline foz discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

FOZ

C2

212.162.149.48:2049

Targets

- Target
  
  file.exe
- Size
  
  300KB
- MD5
  
  3edc68fb9a58f24cbd529d7c0a536757
- SHA1
  
  ea62ab146a6b043818078d0b05e7f73444ed4881
- SHA256
  
  7d8eae0fb5daead81c18cf83bcaa68896442159b5fd15bf6d34b15b079b3a9b4
- SHA512
  
  8475ea0aab4e137565c101ebdf235bb1a370f124c012fe24e88d1ac32b580235d2579b1bd47d9aec94c1322d5c78dc31dc04f54f67b82cbebabf4cdcede82701
- SSDEEP
  
  3072:acZqf7D34Tp/0+mA0kywMlQEg85fB1fA0PuTVAtkxz73RMeqiOL2bBOA:acZqf7DItnGCQNB1fA0GTV8kR0L
Score

10^/10

redline foz discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefozdiscoveryinfostealer

behavioral2

redlinefozdiscoveryinfostealer