redline | b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f
Size

2.4MB
Sample

221101-mwqwdacabk
MD5

e79e641f809f7a46eed53df9f5f266c1
SHA1

4047c3c8d36ea01037d33a4ee63be01b844dbc33
SHA256

b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f
SHA512

e1bd2d40bc8fbe64cfa6bcca1013d9b5943f4a4b1a3db1f58da31096a00970da4deeefd12a3f6c9592cbf9388146478b9b59dfd7ff8ee9d9b456e95aa491155d
SSDEEP

24576:aG0zmbYYfYvtIbR6MdelD1px91QQT0s9gLIMRoKIRinCVL1CBl3RuQ55313S:WmqfVT02gssIRinCV2l3A

Score

10^/10

redline @pieeerog infostealer

Static task

static1

Behavioral task

behavioral1

Sample

b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f.exe

Resource

win7-20220812-en

redline @pieeerog infostealer

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f.exe

Resource

win10-20220812-en

redline @pieeerog infostealer

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

@pieeerog

C2

5.182.36.101:31305

Attributes

auth_value
5c1750165a4d0aadba128fca460befc5

Targets

- Target
  
  b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f
- Size
  
  2.4MB
- MD5
  
  e79e641f809f7a46eed53df9f5f266c1
- SHA1
  
  4047c3c8d36ea01037d33a4ee63be01b844dbc33
- SHA256
  
  b0488e7e01e0db8dea5cef98d27ae118b3bf952a50426ec5d4e165e1cec7d64f
- SHA512
  
  e1bd2d40bc8fbe64cfa6bcca1013d9b5943f4a4b1a3db1f58da31096a00970da4deeefd12a3f6c9592cbf9388146478b9b59dfd7ff8ee9d9b456e95aa491155d
- SSDEEP
  
  24576:aG0zmbYYfYvtIbR6MdelD1px91QQT0s9gLIMRoKIRinCVL1CBl3RuQ55313S:WmqfVT02gssIRinCV2l3A
Score

10^/10

redline @pieeerog infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redline@pieeeroginfostealer

behavioral2

redline@pieeeroginfostealer

© 2018-2025

Terms | Privacy