redline | 97b8e017d9459357292e3e25e0a343aedcaf28c18ec4a05985995a0be9495984 | Triage

Sharing

General

Target

97b8e017d9459357292e3e25e0a343aedcaf28c18ec4a05985995a0be9495984.exe
Size

300KB
Sample

250204-exf4kawqfm
MD5

4a13cca1b960fd69697a4c69105c851c
SHA1

3a71263e57ffa4a056bbb649d7173dbf7046c1da
SHA256

97b8e017d9459357292e3e25e0a343aedcaf28c18ec4a05985995a0be9495984
SHA512

d411ac647b6dececf30c8823d8cebf68848817338ce143030219688f0b32852fbc52721089a74ec98ce05e46532a55483b689bc446610a94e4fa029f5b885c72
SSDEEP

3072:ecZqf7D34Bp/0+mAwkyg4eQEgPQB1fA0PuTVAtkxze3RweqiOL2bBOA:ecZqf7DITnWVcB1fA0GTV8kUQL

Score

10^/10

redline danek discovery infostealer

Malware Config

Extracted

Family

redline

Botnet

DANEK

C2

195.177.92.88:1912

Targets

- Target
  
  97b8e017d9459357292e3e25e0a343aedcaf28c18ec4a05985995a0be9495984.exe
- Size
  
  300KB
- MD5
  
  4a13cca1b960fd69697a4c69105c851c
- SHA1
  
  3a71263e57ffa4a056bbb649d7173dbf7046c1da
- SHA256
  
  97b8e017d9459357292e3e25e0a343aedcaf28c18ec4a05985995a0be9495984
- SHA512
  
  d411ac647b6dececf30c8823d8cebf68848817338ce143030219688f0b32852fbc52721089a74ec98ce05e46532a55483b689bc446610a94e4fa029f5b885c72
- SSDEEP
  
  3072:ecZqf7D34Bp/0+mAwkyg4eQEgPQB1fA0PuTVAtkxze3RweqiOL2bBOA:ecZqf7DITnWVcB1fA0GTV8kUQL
Score

10^/10

redline danek discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinedanekdiscoveryinfostealer

behavioral2

redlinedanekdiscoveryinfostealer