redline | fb510aeb78ac861e75a3d79ee2926d44121eaac29bdfac8878f2cd3cd4c2553a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

1.4MB
Sample

221104-yks25saea6
MD5

34fe5a37c7921bbdaacbd9d6390e5eb9
SHA1

69f9c57638e112232d315ef4d85af55151e9be90
SHA256

fb510aeb78ac861e75a3d79ee2926d44121eaac29bdfac8878f2cd3cd4c2553a
SHA512

a04662319b0385c6b59d4b6011e7e0b6effa73e978026d9d4a9744eae88a3f1d9019fae1a04427b01a134fc24e10947d86ecd9da2506bcb66ee18e4de83e34bd
SSDEEP

24576:D71Y1FecMTBP8fVsJzoqmT56nYNk9A0IPkpo6tNOPQBI2WI0aCw28BueGl3ejZvT:mFecANeVsoD5WYO9A7k66tNYQa26aCeV

Score

10^/10

redline 1310 infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

redline 1310 infostealer spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220901-en

redline 1310 infostealer spyware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

1310

C2

79.137.192.57:48771

Attributes

auth_value
feb5f5c29913f32658637e553762a40e

Targets

- Target
  
  file.exe
- Size
  
  1.4MB
- MD5
  
  34fe5a37c7921bbdaacbd9d6390e5eb9
- SHA1
  
  69f9c57638e112232d315ef4d85af55151e9be90
- SHA256
  
  fb510aeb78ac861e75a3d79ee2926d44121eaac29bdfac8878f2cd3cd4c2553a
- SHA512
  
  a04662319b0385c6b59d4b6011e7e0b6effa73e978026d9d4a9744eae88a3f1d9019fae1a04427b01a134fc24e10947d86ecd9da2506bcb66ee18e4de83e34bd
- SSDEEP
  
  24576:D71Y1FecMTBP8fVsJzoqmT56nYNk9A0IPkpo6tNOPQBI2WI0aCw28BueGl3ejZvT:mFecANeVsoD5WYO9A7k66tNYQa26aCeV
Score

10^/10

redline 1310 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline1310infostealerspyware

behavioral2

redline1310infostealerspyware

© 2018-2025

Terms | Privacy