redline | b427fff84de68deb7b6860dd5a30c70e968ac64480f395406b71762805b8d113 | Triage

Submit
Reports

Overview

overview

Static

static

1

file.exe

windows7-x64

file.exe

windows10-2004-x64

7

Sharing

General

Target

file.exe
Size

303KB
Sample

230209-keqsyaca4z
MD5

f34444bcd2fa0663fc17937192d6f098
SHA1

17132ea8fca7bdf0a9307e9c96c18f1fd8fa1cb3
SHA256

b427fff84de68deb7b6860dd5a30c70e968ac64480f395406b71762805b8d113
SHA512

035ed6a7acc3d300fb8f9fe67add6a3f0b7cc6d87cfb4bd9e9f80f493ad2e1b6307041bb56dad33b8b125fb3ca7bb29640a1ae67cb0ffe5ea2f2f1a9f25eca5a
SSDEEP

6144:sqghwOhL4slcY0DMC1yw/npAoeOvzyTow/B/hwDi:sqguOhEsr0B1yw/pABbR/BaD

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220812-en

redline discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220812-en

discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  303KB
- MD5
  
  f34444bcd2fa0663fc17937192d6f098
- SHA1
  
  17132ea8fca7bdf0a9307e9c96c18f1fd8fa1cb3
- SHA256
  
  b427fff84de68deb7b6860dd5a30c70e968ac64480f395406b71762805b8d113
- SHA512
  
  035ed6a7acc3d300fb8f9fe67add6a3f0b7cc6d87cfb4bd9e9f80f493ad2e1b6307041bb56dad33b8b125fb3ca7bb29640a1ae67cb0ffe5ea2f2f1a9f25eca5a
- SSDEEP
  
  6144:sqghwOhL4slcY0DMC1yw/npAoeOvzyTow/B/hwDi:sqguOhEsr0B1yw/pABbR/BaD
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

discoveryspywarestealer

© 2018-2025

Terms | Privacy