redline | 56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2
Size

2.4MB
Sample

221101-lgyf8sacf6
MD5

99bf74cbcf813be1e78782fcb2d416fd
SHA1

1fcbea028dc9168f5c779efaf2c343f4eab29740
SHA256

56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2
SHA512

8f0c5077b6247fc7cd7e32cd6f3c6c38924cbabe0c6272eaf2c25b3a13ea54d965b55ac417cb25804b57d670610c4ce2cb8708864f30b310942db2cee76922e3
SSDEEP

24576:OQN9g7YcYbFRbY8MKKlx0g+Y4Y27V9OZYUya4tLfTsLtSaLA3JPNaKpl3RuQ5538:h9xiD2Na4tLfTsnUl3Q

Score

10^/10

redline @ler0is infostealer

Static task

static1

Behavioral task

behavioral1

Sample

56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2.exe

Resource

win7-20220812-en

redline @ler0is infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2.exe

Resource

win10-20220812-en

redline @ler0is infostealer

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

@Ler0is

C2

185.106.92.226:40788

Attributes

auth_value
056bd2c9aff6b6afb3f5da4793b2c4a2

Targets

- Target
  
  56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2
- Size
  
  2.4MB
- MD5
  
  99bf74cbcf813be1e78782fcb2d416fd
- SHA1
  
  1fcbea028dc9168f5c779efaf2c343f4eab29740
- SHA256
  
  56a417a3d073f7d5dd56de99ba1f515f9b2a5e45021db0fee7af952613d402e2
- SHA512
  
  8f0c5077b6247fc7cd7e32cd6f3c6c38924cbabe0c6272eaf2c25b3a13ea54d965b55ac417cb25804b57d670610c4ce2cb8708864f30b310942db2cee76922e3
- SSDEEP
  
  24576:OQN9g7YcYbFRbY8MKKlx0g+Y4Y27V9OZYUya4tLfTsLtSaLA3JPNaKpl3RuQ5538:h9xiD2Na4tLfTsnUl3Q
Score

10^/10

redline @ler0is infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline@ler0isinfostealer

behavioral2

redline@ler0isinfostealer

© 2018-2025

Terms | Privacy