redline

Sharing

Copy URL

Twitter E-mail

General

Target

Downloads.zip
Size

125KB
Sample

240701-m7anjaxhmb
MD5

061d1f28c348333503cae90509207742
SHA1

efdace091083aaa564faeb6a7e5aaad8d0a280b5
SHA256

e0d668b40ff86c027068135c66eff3f9fab3c37bdfb86a6d8f2b5c59d70a0d91
SHA512

71ed19f74d0f1451b0497846a0219a4f68cc34fd398fc86a2d3ca9d9134b8f9db8898b0c6839a36943d23f587dceaca963ce5ea77ae011e0424f38232f4ff813
SSDEEP

3072:QM4uA0no92wvt2rsqxj1cNHQg+TyRDlOUCIGSJp8Z4uUdnWCiG:QisBqcNHHxRlpnzp8ZzMniG

Score

10^/10

redline infostealer

Malware Config

Targets

- Target
  
  Python-Exe-Decompiler-main/decompile.py
- Size
  
  10KB
- MD5
  
  c79e7ebf443590e54ff39ae8eef2b458
- SHA1
  
  d129304892a3ea1999cfa0fc379b0cc1f8d7ed86
- SHA256
  
  b6e60f539595c544b035683b630389c7b29e4f96fdbd51a81cc1cdd488d55973
- SHA512
  
  478e51418cfa5e2cac3f312549e79c94859c5b4b87db478f62ab7af5e4aab1218db6f0485c5f63d67f386b09ab32613b6a7b89ec38808e46398690222fb2aca4
- SSDEEP
  
  192:ssfbOw0uhBGUZXW5PcQ141v2MlKHh8rzKXUJM:ssfbOqBQ141v2MKMzUU6
Score

3^/10
behavioral1
- Target
  
  SnosTelegram/Modules/__init__.cpython-310.pyc
- Size
  
  226B
- MD5
  
  e6d2812615a48fc900bf2c5d4a7de804
- SHA1
  
  a3f8778165512be32bda5794c74984e86e41c178
- SHA256
  
  ed7abf066ac13047b6392d4c2606591467297e111e03f4c47f1f3bef9f37dc88
- SHA512
  
  db61c979ff2ba5686907d52be7c3aa719612dae56c4737a4c0eb4e316fff08824dbe74371dc9b52aa1466e90727a0e3d4a3ad518b529c0d12da8657134a276ff
Score

3^/10
behavioral2
- Target
  
  SnosTelegram/Modules/__init__.cpython-38.pyc
- Size
  
  251B
- MD5
  
  71f71361ad1d7b7b1b2a7ddbdcef9de1
- SHA1
  
  90f69f5a8df31c843f1e404ebda89bad789acbdc
- SHA256
  
  6b258329485883ae1580ebe091f3dbc40020fb251c9b590763cd059516af23c2
- SHA512
  
  5ac8205cf271bf2a87c6870c88d8db84401efc6b05fa8cb3535bccd20c27ebfe6137b528a44c21990900f070206117cdc56be1aefe4bd7a63c71565bbb2cdc9f
Score

3^/10
behavioral3
- Target
  
  SnosTelegram/Modules/loader.cpython-310.pyc
- Size
  
  477B
- MD5
  
  dc74952e1f65d9c19585bab4d825eeba
- SHA1
  
  afa2743a675e5bc68c0894b8180f823e633dca42
- SHA256
  
  86b599d935915bb436881a7dcaf8f51821dcc6e943dd41961c57a44c751051b2
- SHA512
  
  072d8afa40d7741da5e5026bd0739d37e175a9374426a13fe3034d7e8bd414cfdc56fea50da9ff182e7bb906fa68e96266b5119104034e6d891f93beb46d4682
Score

3^/10
behavioral4
- Target
  
  SnosTelegram/Modules/loader.cpython-38.pyc
- Size
  
  459B
- MD5
  
  1c67bd5d765c56ca319668e5ac8437ae
- SHA1
  
  3968e0ba3ea0b6a9c7995019212d6ac8dd46ab1e
- SHA256
  
  71435c77ca370ddfd740ee9c06aa5c036e1940430e6bf427caefe0f490fbb24c
- SHA512
  
  d880c9a55c92e086594001780c545cb1ea0791889f3eebc61ebeed82bb77163042826a7a3446078781249b796e212f70317f8ef0ecedefa09bffde25ee705562
Score

3^/10
behavioral5
- Target
  
  SnosTelegram/Modules/messages.cpython-310.pyc
- Size
  
  1KB
- MD5
  
  0f36a8695c5378c747090c7cc3744fef
- SHA1
  
  c153c5e5a0eded52fc5d529bbac3c5873a61beb0
- SHA256
  
  7935788351faf9327cee8e3c476025ce8970dc2e7825d419c16249d9416f2217
- SHA512
  
  adea0cde6406fbaee2150f54b75cec9a0f6e17cf99d6ff95d3e310da1fcd22e94b23b2092e060de0f6b9e892562cba076d4b0601d2d00298a4958fd32a2a6c6a
Score

3^/10
behavioral6
- Target
  
  SnosTelegram/Modules/messages.cpython-38.pyc
- Size
  
  1KB
- MD5
  
  f05818423870b742cf408ff8fb8c4cf5
- SHA1
  
  708bd5fcbc40de6a2bcb6e30318047b140d07f45
- SHA256
  
  b23896dcf9e0bcb83db4e99c2055911aa0ae92594db484bfa05ce420558c3364
- SHA512
  
  0ceaf8e99e80ed95030860d370e95a708a832da6fd324962d3b16c0f2f3340b5cef4b4109776864df5f411d593ad9ec1a4a749badb24630b53b73884804adffb
Score

3^/10
behavioral7
- Target
  
  SnosTelegram/Modules/messages.py
- Size
  
  78B
- MD5
  
  b6fa47500b4de4dc695e870bd8fc9fbb
- SHA1
  
  bcdae2c69c85c921fedbca7932644c8bd2ac4aff
- SHA256
  
  e8a89c9c6f1a4d35a5bfb534555b5f57872479b66c146329d98afb481b8ce9c7
- SHA512
  
  a21baf2764462e2c9126cf62b4aa38276844f5718c8f138f33d525bffb6752ecde21cebbea1f44cfba77e3db4efd519c0e4b4c04847d49443be7ae057a24e7a9
Score

3^/10
behavioral8
- Target
  
  SnosTelegram/Modules/tgclient.cpython-310.pyc
- Size
  
  827B
- MD5
  
  84b50ee0bcec80ca63ac7b281d987b8f
- SHA1
  
  6959bffcce5e5d0a10561c2b8eed51ebd543eaa5
- SHA256
  
  88fd6c4a36fa4b09c985101615f805f5ccd65033541c19c6be3bc6ddd4040660
- SHA512
  
  b5a0e48750de03e1720b64859b8c3d6e1a6d9c1885a52904c35113163d4c92fa9c29d4110817ea3eab7da4bdc310cb29d5e3d6e990b4767004e7ed0b1a842862
Score

3^/10
behavioral9
- Target
  
  SnosTelegram/Modules/tgclient.cpython-38.pyc
- Size
  
  1KB
- MD5
  
  950f0ed112db9b1b88e7273802c412c5
- SHA1
  
  348373531499c6b91d7c4e7b85fa62b3fbcfadfa
- SHA256
  
  baf0552254641a4d28706fb6c89a54eaf8a112f47f5e2f50e8d1ed322c475514
- SHA512
  
  97c6da8e609484d6cabd5f2af16271a49ada1315211cecdbe4e7fa6357cf1f1c7dbf367510a84c9652c11a55180616bb3364d604401f5a43f78e9388ebedb1ba
Score

3^/10
behavioral10
- Target
  
  SnosTelegram/Modules/user.cpython-310.pyc
- Size
  
  1KB
- MD5
  
  77c8bc2d0cecfb0450414af3e88e024c
- SHA1
  
  3ef39a54b4d3b55fb2af850d7b7329bbc8b645d0
- SHA256
  
  fe1aa35e575254ec8feea99db1d47bb545dd6de75a0ac6fefb15b14b28662f6d
- SHA512
  
  6396751b562b4b21d19d9d5db50f5530b9b1b98a59d869f20b7b960cddbc1c8c492b9b558cb1b78ca5d19bae0e1b38c492bffc41ba2fcf1b6259f01a8958730a
Score

3^/10
behavioral11
- Target
  
  SnosTelegram/Modules/user.cpython-38.pyc
- Size
  
  1KB
- MD5
  
  2b514ee06e20268909f24c44222b95ed
- SHA1
  
  a5102e284b0fa9e164b4b645d46efc34a9ccb2ed
- SHA256
  
  ebe87689df2375771417af4a0da3e486ddc05e003e2568815c35c91320493376
- SHA512
  
  b230231c363b6d6a5dcca36dae4ded721f0be2f561431de45403f6ff3540dc3a0e47d1d4f74d383c704fb41fd8cc3b1299aa9963f35eddd9550f58f9b48a09cb
Score

3^/10
behavioral12
- Target
  
  SnosTelegram/SnosTelegram.exe
- Size
  
  32.0MB
- MD5
  
  25e6b30402bed760cada14b2ed47e8b3
- SHA1
  
  e30627769efc7b3083bd4618eef9f7248aa86b4d
- SHA256
  
  cf0d9a8372468970491565100ee0e9339246280f1ed8b97eb528ac0b10133cf5
- SHA512
  
  0927917f3410628679f1766f52da9342e638c420dbeb778054e4536cb8a9c9c1569db6ed87b509172746359e3bd25c170a53bdcb7623c7a1ef758d763a3eeaf9
- SSDEEP
  
  12288:I03m6mJbx+BELS3dbVPyWlI/U2lDO1S+TP:I03m6mJbx+BELS3HSQ
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
behavioral13
- Target
  
  SnosTelegram/__init__.py
- Size
  
  35B
- MD5
  
  5d9f173f6d4d0b6d812c78bf2631ba70
- SHA1
  
  6631d6f330b97daf9ef056c74f6a4fd96dc86e1e
- SHA256
  
  ee5427337bb5345bd9a2cd6d8d47eecbea67658a2eb55514c85315e458528ca3
- SHA512
  
  c51f9cb168fa1d972de34fd082d18080e9f43472d6ebb41c504525f5e0b8b5ca6fd279fba8cf434e5e9a6debe4910758a511f5cf7a5a3ab20d37ee53b98ffacf
Score

3^/10
behavioral14
- Target
  
  SnosTelegram/telegram_module.py
- Size
  
  222B
- MD5
  
  0a016bc56ce9d3c5cd9cc7096dc167a8
- SHA1
  
  5d4af430ced1f7974532e2fc2b26edd03cd8f9a2
- SHA256
  
  e6ea7f34fe1435e724aa7cc475ecf7f5ebb9ef7012ca68c465fc3140a243e7bc
- SHA512
  
  756773e7aae0d2df7b7605c7992ccb479191aa9de0a7982b72629ca790653c710f19a1ab144cd4c973d69fe950399834e196e713e5c24f56954b44a4072c9fe9
Score

3^/10
behavioral15

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

RedLine payload

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15