redline | 5ca193b352da1a6f1cbabd4ae82e97c93adae48ba20f108b7012e0840b288cee | Triage

Sharing

General

Target

Installer_Fortnite_Hack_v2.0.1.rar
Size

75.5MB
Sample

241226-k9hqta1qhy
MD5

698dd9643ed99e5321ff2b8db5b4dd2d
SHA1

04ff05755a41ed420d4f68fef180a2aad2760921
SHA256

5ca193b352da1a6f1cbabd4ae82e97c93adae48ba20f108b7012e0840b288cee
SHA512

0f67019105697a76e32f22736d61839766056c492ccbab5a1e5ae6449240a2df41db4583b1ffbf50255a83fc575eb42d977e6eea88a127334f10828610c71d87
SSDEEP

1572864:pC9wlubstiS0XbBGNAz7SWEX7k5H2NC5lv1wTd7mlMdRPEXZo:PlubU6bBRXErk5W851smSB

Score

10^/10

redline @massaruboss discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

@massaruboss

C2

185.215.113.22:80

Targets

- Target
  
  Installer_Fortnite_Hack_v2.0.1.rar
- Size
  
  75.5MB
- MD5
  
  698dd9643ed99e5321ff2b8db5b4dd2d
- SHA1
  
  04ff05755a41ed420d4f68fef180a2aad2760921
- SHA256
  
  5ca193b352da1a6f1cbabd4ae82e97c93adae48ba20f108b7012e0840b288cee
- SHA512
  
  0f67019105697a76e32f22736d61839766056c492ccbab5a1e5ae6449240a2df41db4583b1ffbf50255a83fc575eb42d977e6eea88a127334f10828610c71d87
- SSDEEP
  
  1572864:pC9wlubstiS0XbBGNAz7SWEX7k5H2NC5lv1wTd7mlMdRPEXZo:PlubU6bBRXErk5W851smSB
Score

10^/10

redline @massaruboss discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Installer_Fortnite_Hack_v2.0.1.rar
- Size
  
  75.5MB
- MD5
  
  faacef0a938e9dfd16dc8f1f7b54a178
- SHA1
  
  7de13ab5a0ef1fb2d6f38bb5e7251ca907a62023
- SHA256
  
  f470271670000fb55deeb6224091c8270deac007ab9643ef181046e4f2077f66
- SHA512
  
  da28d4dce8451e07dc5014475177deb061b1e5f39e9bb909873720a74a848b6d1b648f1a6d5f2122ebc805d06dad7fa65f96d49acda36199f8c6039d4b49b10a
- SSDEEP
  
  1572864:AC9wlubstiS0XbBGNAz7SWEX7k5H2NC5lv1wTd7mlMdRPEXZO:2lubU6bBRXErk5W851smSZ
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@massarubossdiscoveryinfostealer

behavioral2

behavioral3

behavioral4