redline | 5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72
Size

2.4MB
Sample

221101-ll7wgaadb9
MD5

4c7ee10f0ec055e6555930228ed7dbbb
SHA1

ecaefd5b6d8ff0d0c8ae71243e6239a5fe282fda
SHA256

5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72
SHA512

e7602e67c08017b174800cde95d7eba94b662d65ccfa7793fb9ed0658a6e24c4cd3d51702b1c31e18139861d3e5258bed19c9b3a86e68e10c78dba5afaa02f61
SSDEEP

24576:hC3fgsYcYIFrbY8MhUlKlBx9SJB5NHm2qO5k/ywi1Lc/mLiSWV9wXYNa/HBl3Ruy:UfRQSn5w+wi1Lc/mKGBl33

Score

10^/10

redline @seregafreak infostealer

Static task

static1

Behavioral task

behavioral1

Sample

5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72.exe

Resource

win7-20220901-en

redline @seregafreak infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72.exe

Resource

win10-20220812-en

redline @seregafreak infostealer

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

@seregafreak

C2

185.106.92.226:40788

Attributes

auth_value
dda97cbed95c760a7517b9592c0e27be

Targets

- Target
  
  5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72
- Size
  
  2.4MB
- MD5
  
  4c7ee10f0ec055e6555930228ed7dbbb
- SHA1
  
  ecaefd5b6d8ff0d0c8ae71243e6239a5fe282fda
- SHA256
  
  5f1db0848f07c7fe96bdef23f3eb075c9c307b22b3de70c5747663a8a2d72f72
- SHA512
  
  e7602e67c08017b174800cde95d7eba94b662d65ccfa7793fb9ed0658a6e24c4cd3d51702b1c31e18139861d3e5258bed19c9b3a86e68e10c78dba5afaa02f61
- SSDEEP
  
  24576:hC3fgsYcYIFrbY8MhUlKlBx9SJB5NHm2qO5k/ywi1Lc/mLiSWV9wXYNa/HBl3Ruy:UfRQSn5w+wi1Lc/mKGBl33
Score

10^/10

redline @seregafreak infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline@seregafreakinfostealer

behavioral2

redline@seregafreakinfostealer

© 2018-2025

Terms | Privacy