redline | 3dfe0aecf59020bfe0e4d0e14571fb6c586096ce66a5dd9722f699b2858efd6a | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

771KB
Sample

221225-vme2hseh6z
MD5

639137eab94bb57bc50083b813a854b1
SHA1

98e812807bc70cf97e98d3554569a1788f39bd0e
SHA256

3dfe0aecf59020bfe0e4d0e14571fb6c586096ce66a5dd9722f699b2858efd6a
SHA512

8ebfb09af036d3348a10016507f2e07a383780c78350bc62f56bd9a333688fd1f3af9afb69061a1c1bc914925a15ead1ad755e5c8e1c0ba960eeb1610d016906
SSDEEP

24576:GHT9L3pP7Vz/BXBJhoIo76sg0YWa0O+PubRpTmIYOzsS:GHT9L3pP7Vz/BXBJhoP6sg/0O+eRpTb4

Score

10^/10

redline installs3 infostealer spyware

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220901-en

redline installs3 infostealer spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

redline installs3 infostealer spyware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

installs3

C2

89.22.233.20:36696

Attributes

auth_value
b79efe79ba3d2497f7d70b34f9fc1ea4

Targets

- Target
  
  file.exe
- Size
  
  771KB
- MD5
  
  639137eab94bb57bc50083b813a854b1
- SHA1
  
  98e812807bc70cf97e98d3554569a1788f39bd0e
- SHA256
  
  3dfe0aecf59020bfe0e4d0e14571fb6c586096ce66a5dd9722f699b2858efd6a
- SHA512
  
  8ebfb09af036d3348a10016507f2e07a383780c78350bc62f56bd9a333688fd1f3af9afb69061a1c1bc914925a15ead1ad755e5c8e1c0ba960eeb1610d016906
- SSDEEP
  
  24576:GHT9L3pP7Vz/BXBJhoIo76sg0YWa0O+PubRpTmIYOzsS:GHT9L3pP7Vz/BXBJhoP6sg/0O+eRpTb4
Score

10^/10

redline installs3 infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinstalls3infostealerspyware

behavioral2

redlineinstalls3infostealerspyware

© 2018-2025

Terms | Privacy