redline | be394c34bc2d5f532f3ddac7e2d692c60401d71858d4ae2f077af559f33ef772 | Triage

Submit
Reports

Overview

overview

Static

static

4

831d4e7f62...5b.exe

windows7_x64

831d4e7f62...5b.exe

windows10_x64

Sharing

General

Target

831d4e7f62efecd2fc159074383b965b.exe
Size

2.0MB
Sample

210401-jc7ct1ljss
MD5

831d4e7f62efecd2fc159074383b965b
SHA1

4856dbaebf644b83f620fff1666f8553ad47d9b5
SHA256

be394c34bc2d5f532f3ddac7e2d692c60401d71858d4ae2f077af559f33ef772
SHA512

6e60c373cb7ace5666507dd58bf39c4c92346c070f6c4a2d62cd5966dd84bddee89034ba3ee4cce52df74fc0b0aede68d49fea29ee24f9698833905c853c88e8

Score

10^/10

redline infostealer link pdf

Static task

static1

Behavioral task

behavioral1

Sample

831d4e7f62efecd2fc159074383b965b.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

831d4e7f62efecd2fc159074383b965b.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  831d4e7f62efecd2fc159074383b965b.exe
- Size
  
  2.0MB
- MD5
  
  831d4e7f62efecd2fc159074383b965b
- SHA1
  
  4856dbaebf644b83f620fff1666f8553ad47d9b5
- SHA256
  
  be394c34bc2d5f532f3ddac7e2d692c60401d71858d4ae2f077af559f33ef772
- SHA512
  
  6e60c373cb7ace5666507dd58bf39c4c92346c070f6c4a2d62cd5966dd84bddee89034ba3ee4cce52df74fc0b0aede68d49fea29ee24f9698833905c853c88e8
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy