redline | 83c58d379154e9116c26590671b69fa7fb7beb541069787d8bebeabe9d9189e9 | Triage

Sharing

General

Target

JaffaCakes118_cafcddcd0637d5a1bfaea8e9c6b05165
Size

104KB
Sample

250109-r85mhssmgw
MD5

cafcddcd0637d5a1bfaea8e9c6b05165
SHA1

dfd4ee32b3bd14c4ace1f5d1b252cd0d257b76fe
SHA256

83c58d379154e9116c26590671b69fa7fb7beb541069787d8bebeabe9d9189e9
SHA512

63567be60b1d6bca237072efacd29750fb4347b5fcd301f482eb429df0c61fc4a99fc814de970c6192e21d08f37262c9d7dfa69497c9d92ecbced5f25e2dbb47
SSDEEP

3072:OZUKsQbLjlp5qEWqzTjAZ+k7nGjPzhIJvA9:FwbLjlp5qEWgAZbf+

Score

10^/10

redline @kissyt discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

@kissyt

C2

45.137.190.237:27973

Attributes

auth_value
90a7f02f0cbc48c0c8632519fbd10c4b

Targets

- Target
  
  JaffaCakes118_cafcddcd0637d5a1bfaea8e9c6b05165
- Size
  
  104KB
- MD5
  
  cafcddcd0637d5a1bfaea8e9c6b05165
- SHA1
  
  dfd4ee32b3bd14c4ace1f5d1b252cd0d257b76fe
- SHA256
  
  83c58d379154e9116c26590671b69fa7fb7beb541069787d8bebeabe9d9189e9
- SHA512
  
  63567be60b1d6bca237072efacd29750fb4347b5fcd301f482eb429df0c61fc4a99fc814de970c6192e21d08f37262c9d7dfa69497c9d92ecbced5f25e2dbb47
- SSDEEP
  
  3072:OZUKsQbLjlp5qEWqzTjAZ+k7nGjPzhIJvA9:FwbLjlp5qEWgAZbf+
Score

10^/10

redline @kissyt discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@kissytdiscoveryinfostealer

behavioral2

redline@kissytdiscoveryinfostealer