redline | 5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f | Triage

Sharing

General

Target

JaffaCakes118_4788b9f2b49471fa3f20ce9ac9fd8524
Size

103KB
Sample

250107-ckptts1mdm
MD5

4788b9f2b49471fa3f20ce9ac9fd8524
SHA1

37daa0fae772bf7634f1e71339a31252b86fd9a8
SHA256

5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f
SHA512

6ed4f4fc69872e2c92aa64913de9dd523fed4a8afb036462ddf20e2f210f6d0cb88c887a4b148bb0b3262bc49bf4ea8b54536b73e7b093aaeec7571595609ed8
SSDEEP

1536:Uw7+10LWIvcw5pl6GUyQ07eBarr/hwch/bd6dRxTxMhhcOdVk98rY8m:r7ZWIxpC0KSr/hwchzoRfif6GYP

Score

10^/10

redline slovarikinstalls discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

slovarikinstalls

C2

185.215.113.94:35535

Attributes

auth_value
fab440dd1f1c0900975c02f2f3794139

Targets

- Target
  
  JaffaCakes118_4788b9f2b49471fa3f20ce9ac9fd8524
- Size
  
  103KB
- MD5
  
  4788b9f2b49471fa3f20ce9ac9fd8524
- SHA1
  
  37daa0fae772bf7634f1e71339a31252b86fd9a8
- SHA256
  
  5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f
- SHA512
  
  6ed4f4fc69872e2c92aa64913de9dd523fed4a8afb036462ddf20e2f210f6d0cb88c887a4b148bb0b3262bc49bf4ea8b54536b73e7b093aaeec7571595609ed8
- SSDEEP
  
  1536:Uw7+10LWIvcw5pl6GUyQ07eBarr/hwch/bd6dRxTxMhhcOdVk98rY8m:r7ZWIxpC0KSr/hwchzoRfif6GYP
Score

10^/10

redline slovarikinstalls discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

slovarikinstallsredline

behavioral1

redlineslovarikinstallsdiscoveryinfostealer

behavioral2

redlineslovarikinstallsdiscoveryinfostealer