redline | 028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0 | Triage

Submit
Reports

Overview

overview

Static

static

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0
Size

1.5MB
Sample

230109-17ejdabd7v
MD5

3011b66b7e59d8a87e965485612a1cee
SHA1

d1456608fc90c52468e8134ee0712f3847e5cbb3
SHA256

028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0
SHA512

418c8ece8c38de02a518f6fe85b335c710b90084e6b745b8537cda5d0de1535ae442d3e45019d021724e313df0e2bd34ab27aa680c6b614d5d15a9394ec6b02b
SSDEEP

24576:dcpB5tdfVK+Z4LnnpPGL1bhaplBbpRn/M0MSvfS1sajxI:dUrjfVKw4LnhGJbhUz//dM0fS1sajG

Score

10^/10

redline vip bot1 infostealer

Static task

static1

Behavioral task

behavioral1

Sample

028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0.exe

Resource

win7-20221111-en

redline vip bot1 infostealer

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0.exe

Resource

win10-20220901-en

redline vip bot1 infostealer

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

Vip Bot1

C2

103.163.214.185:9454

Attributes

auth_value
f2b424ec28ef1c48ab8986c9086f8695

Targets

- Target
  
  028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0
- Size
  
  1.5MB
- MD5
  
  3011b66b7e59d8a87e965485612a1cee
- SHA1
  
  d1456608fc90c52468e8134ee0712f3847e5cbb3
- SHA256
  
  028b2ec758c5ed0c662878654391603176aeeeab014b3661415b63c3e79097c0
- SHA512
  
  418c8ece8c38de02a518f6fe85b335c710b90084e6b745b8537cda5d0de1535ae442d3e45019d021724e313df0e2bd34ab27aa680c6b614d5d15a9394ec6b02b
- SSDEEP
  
  24576:dcpB5tdfVK+Z4LnnpPGL1bhaplBbpRn/M0MSvfS1sajxI:dUrjfVKw4LnhGJbhUz//dM0fS1sajG
Score

10^/10

redline vip bot1 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinevip bot1infostealer

behavioral2

redlinevip bot1infostealer

© 2018-2025

Terms | Privacy