redline | hxxps://google[.]com | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

URLScan

urlscan

1

https://google.com

windows10-2004-x64

Resubmissions

10/01/2023, 20:41

230110-zgh87she82 10

09/01/2023, 13:23

230109-qmzcyahg5z 8

30/12/2022, 04:52

221230-fhnqjafa36 7

29/12/2022, 23:57

221229-3z3x4shg5y 8

29/12/2022, 09:56

221229-lyp67afh7x 4

29/12/2022, 09:28

221229-lfpspsfh5s 10

29/12/2022, 04:18

221229-exfssscc88 1

29/12/2022, 04:12

221229-esw9zsfd3z 8

18/12/2022, 12:11

221218-pcmqqabh42 8

04/12/2022, 12:48

221204-p157zaec6t 10

Sharing

General

Target

https://google.com
Sample

221204-p157zaec6t

Score

10^/10

redline milliondollarsssssssss infostealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://google.com

Resource

win10v2004-20220812-en

redline milliondollarsssssssss infostealer

windows10-2004-x64

19 signatures

1800 seconds

Malware Config

Extracted

Family

redline

Botnet

MILLIONDOLLARSSSSSSSSS

C2

195.201.122.190:45976

Attributes

auth_value
971e3b56584ce491575444038fafa07c

Targets

- Target
  
  https://google.com
Score

10^/10

redline milliondollarsssssssss infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Uses the VBS compiler for execution
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Web Service

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

redlinemilliondollarsssssssssinfostealer

© 2018-2025

Terms | Privacy