redline | 594595126ba7661a4f5c17472bcbc9287f9624e69b417978db28868d105ba013 | Triage

Sharing

General

Target

JaffaCakes118_594595126ba7661a4f5c17472bcbc9287f9624e69b417978db28868d105ba013
Size

715.0MB
Sample

241225-vzmbcszrbl
MD5

f7707e985cb0c147a779f4bf184b6f92
SHA1

8338a9393539ce65e5e56ed267ca715019a888fe
SHA256

594595126ba7661a4f5c17472bcbc9287f9624e69b417978db28868d105ba013
SHA512

c852688450a6ecea9936a6cf10bf5263c971356e0d3e294769b043b7caca1cadf9afd19b5d63ae016d58199c71afb5e215f7c36c280ad8e742047dcb8333ef44
SSDEEP

196608:+JVIOLYCH8AXvU/lMtPSmwkfMSLFMuTI:ZOjHFv6MtPSm1pt

Score

10^/10

redline @lovsny discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

@lovsny

C2

45.15.156.155:80

Attributes

auth_value
a0a7dd60b94bdb245e10e1d0dbcb9d24

Targets

- Target
  
  JaffaCakes118_594595126ba7661a4f5c17472bcbc9287f9624e69b417978db28868d105ba013
- Size
  
  715.0MB
- MD5
  
  f7707e985cb0c147a779f4bf184b6f92
- SHA1
  
  8338a9393539ce65e5e56ed267ca715019a888fe
- SHA256
  
  594595126ba7661a4f5c17472bcbc9287f9624e69b417978db28868d105ba013
- SHA512
  
  c852688450a6ecea9936a6cf10bf5263c971356e0d3e294769b043b7caca1cadf9afd19b5d63ae016d58199c71afb5e215f7c36c280ad8e742047dcb8333ef44
- SSDEEP
  
  196608:+JVIOLYCH8AXvU/lMtPSmwkfMSLFMuTI:ZOjHFv6MtPSm1pt
Score

10^/10

redline @lovsny discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@lovsnydiscoveryinfostealer

behavioral2

redline@lovsnydiscoveryinfostealer