redline | 6b4360e4aa5481a97ea1e95be4c65caa3689b5b791525201843a8944b90efee8 | Triage

Sharing

General

Target

JaffaCakes118_55c464709896fb1f42ae9d11a865aef3
Size

102KB
Sample

250107-jd6bkaspgl
MD5

55c464709896fb1f42ae9d11a865aef3
SHA1

1a9c9d4b4b8b10342dc77de2d3360ed3976b99f5
SHA256

6b4360e4aa5481a97ea1e95be4c65caa3689b5b791525201843a8944b90efee8
SHA512

e2c72553b6a41204d67d79f07e778a71819e68bb22fd9d6857c39f493b8e1c89f2be494bc7cde0225f8d3d55adca7befbb9cea1b5b1113fbe9e137c34d49b3d4
SSDEEP

3072:MX5axE0H99Dw0KJHr3333b7aN2NBnp7BZrC6B:MQKJHr3333Hzu4

Score

10^/10

redline @cynematic_adm discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

@cynematic_adm

C2

45.137.190.237:27973

Attributes

auth_value
90a7f02f0cbc48c0c8632519fbd10c4b

Targets

- Target
  
  JaffaCakes118_55c464709896fb1f42ae9d11a865aef3
- Size
  
  102KB
- MD5
  
  55c464709896fb1f42ae9d11a865aef3
- SHA1
  
  1a9c9d4b4b8b10342dc77de2d3360ed3976b99f5
- SHA256
  
  6b4360e4aa5481a97ea1e95be4c65caa3689b5b791525201843a8944b90efee8
- SHA512
  
  e2c72553b6a41204d67d79f07e778a71819e68bb22fd9d6857c39f493b8e1c89f2be494bc7cde0225f8d3d55adca7befbb9cea1b5b1113fbe9e137c34d49b3d4
- SSDEEP
  
  3072:MX5axE0H99Dw0KJHr3333b7aN2NBnp7BZrC6B:MQKJHr3333Hzu4
Score

10^/10

redline @cynematic_adm discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

@cynematic_admredline

behavioral1

redline@cynematic_admdiscoveryinfostealer

behavioral2

redline@cynematic_admdiscoveryinfostealer