redline

Resubmissions

03/02/2025, 02:11

250203-cmj2csykap 10

03/02/2025, 02:08

250203-ck1lbsyjfk 3

Sharing

Copy URL

Twitter E-mail

General

Target

https://bit.ly/3pt0Mav
Sample

250203-cmj2csykap

Score

10^/10

Malware Config

Extracted

Family

redline

185.223.92.157:44160

Attributes

auth_value
4e5c6e2ba7063e715c19d342d7f1bcc9

Targets

- Target
  
  https://bit.ly/3pt0Mav
Score

10^/10

redline defense_evasion discovery infostealer trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Redline family
  redline
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  defense_evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Checks whether UAC is enabled
  defense_evasion trojan
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Redline family

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry

Executes dropped EXE

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1