redline | ec53e4d3b5b4ce83836f6ccdf486f1ed27feba5e00038c8dc302edf1653a0895 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

228KB
Sample

221222-1ggaaafc47
MD5

a6840d9f847794e1df91a66d445d9252
SHA1

9d5cdef85c7be297a429fd3291c56badfe4235ff
SHA256

ec53e4d3b5b4ce83836f6ccdf486f1ed27feba5e00038c8dc302edf1653a0895
SHA512

24ffdbadfecee3a5b25cbefcc18d380c9378e776035f9f6a7054f6df355e72d30407fb5c1e2ca2692c42e06e1e15846eb2351a04536121a87ea64ab7f5913905
SSDEEP

6144:eRI+XjHms/kj24T8khkSrY3pbaLS/kmn70:eRHXjHD/kjrPKeLS/kc70

Score

10^/10

redline infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

redline infostealer spyware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

redline infostealer spyware

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

185.215.113.69:15544

Attributes

auth_value
9dc38bffb6e32e3cf991ed6b0cd2af6a

Targets

- Target
  
  file.exe
- Size
  
  228KB
- MD5
  
  a6840d9f847794e1df91a66d445d9252
- SHA1
  
  9d5cdef85c7be297a429fd3291c56badfe4235ff
- SHA256
  
  ec53e4d3b5b4ce83836f6ccdf486f1ed27feba5e00038c8dc302edf1653a0895
- SHA512
  
  24ffdbadfecee3a5b25cbefcc18d380c9378e776035f9f6a7054f6df355e72d30407fb5c1e2ca2692c42e06e1e15846eb2351a04536121a87ea64ab7f5913905
- SSDEEP
  
  6144:eRI+XjHms/kj24T8khkSrY3pbaLS/kmn70:eRHXjHD/kjrPKeLS/kc70
Score

10^/10

redline infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerspyware

behavioral2

redlineinfostealerspyware

© 2018-2025

Terms | Privacy