redline | 1f8cd2662ec9b5e249c79a0bf4b03e6f584794a9ac087be7f8b257f7f813bb84 | Triage

Submit
Reports

Overview

overview

Static

static

1

sample.exe

windows7-x64

sample.exe

windows10-2004-x64

Sharing

General

Target

sample.exe
Size

3.9MB
Sample

230324-xwfqhsah71
MD5

52430366ded3db6cc20919d2ca3f315c
SHA1

fea75632f000afcb45d25a7f4c623ccaa72d17db
SHA256

1f8cd2662ec9b5e249c79a0bf4b03e6f584794a9ac087be7f8b257f7f813bb84
SHA512

4fd8cfd21d5a4954e8fbc67d2aa4d08d532485a35d1a924a2f084da60de829cc3f32cd7726c8cf2ea8e3cf716c8c18336cf5286508b93a6da2037c5f63c29597
SSDEEP

98304:ezXXqjn5ie+xlo0+at12K39nFzBoJL7KGue3zN484Mwo6jy5R0oHU93Gz+:ezXXqjncxlo0+S1FzBoZ2Ve3J45xm5RO

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

sample.exe

Resource

win7-20230220-en

redline infostealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample.exe

Resource

win10v2004-20230221-en

redline infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

185.200.191.18:80

Attributes

auth_value
470ee96cae88bc7ec6439074338e8e8b

Targets

- Target
  
  sample.exe
- Size
  
  3.9MB
- MD5
  
  52430366ded3db6cc20919d2ca3f315c
- SHA1
  
  fea75632f000afcb45d25a7f4c623ccaa72d17db
- SHA256
  
  1f8cd2662ec9b5e249c79a0bf4b03e6f584794a9ac087be7f8b257f7f813bb84
- SHA512
  
  4fd8cfd21d5a4954e8fbc67d2aa4d08d532485a35d1a924a2f084da60de829cc3f32cd7726c8cf2ea8e3cf716c8c18336cf5286508b93a6da2037c5f63c29597
- SSDEEP
  
  98304:ezXXqjn5ie+xlo0+at12K39nFzBoJL7KGue3zN484Mwo6jy5R0oHU93Gz+:ezXXqjncxlo0+S1FzBoZ2Ve3J45xm5RO
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2025

Terms | Privacy