redline | ba9c201ca52eed0958ad42e1907e460c19eb0c83e901332e8061eec41e136d9e | Triage

Submit
Reports

Overview

overview

Static

static

1

file.exe

windows7-x64

file.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

file
Size

310KB
Sample

230216-f9ddwaff91
MD5

3619425eaf78e9c5c89ed5f65ccc95e7
SHA1

12dcc2becb1c5aba2561ac3da3bca23a49072084
SHA256

ba9c201ca52eed0958ad42e1907e460c19eb0c83e901332e8061eec41e136d9e
SHA512

e6738795b984ac2328b2274ef4557370add02ad507cca2c43cef423e22ba0559d9ce51377fbfee3ea4e9ff8e02b1ba80f17db3949ae0d05ae5cc5adcc2f8abe3
SSDEEP

6144:EwULtHKxOJJegBd0lC9EH28q340ryW269nPmgAmYVCBv:E/RJJhBelV2N1JmzdCB

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220901-en

redline discovery infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20220812-en

discovery spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  file
- Size
  
  310KB
- MD5
  
  3619425eaf78e9c5c89ed5f65ccc95e7
- SHA1
  
  12dcc2becb1c5aba2561ac3da3bca23a49072084
- SHA256
  
  ba9c201ca52eed0958ad42e1907e460c19eb0c83e901332e8061eec41e136d9e
- SHA512
  
  e6738795b984ac2328b2274ef4557370add02ad507cca2c43cef423e22ba0559d9ce51377fbfee3ea4e9ff8e02b1ba80f17db3949ae0d05ae5cc5adcc2f8abe3
- SSDEEP
  
  6144:EwULtHKxOJJegBd0lC9EH28q340ryW269nPmgAmYVCBv:E/RJJhBelV2N1JmzdCB
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

discoveryspywarestealer

© 2018-2025

Terms | Privacy