redline | 261ec697b5a7215b436d0f6d16c64278ee88d1df97de3f777fc46198500c28c8 | Triage

Submit
Reports

Overview

overview

Static

static

1

TradingView.exe

windows7-x64

TradingView.exe

windows10-2004-x64

Sharing

General

Target

TradingView.exe
Size

4.7MB
Sample

230426-weqnqaah99
MD5

b414d9c7e1c3332ec324b8e6c4f6be82
SHA1

e909bbe630fd44939454e0174ff93f6913861ae4
SHA256

261ec697b5a7215b436d0f6d16c64278ee88d1df97de3f777fc46198500c28c8
SHA512

bb4903c00b66abfde6ffc3f5aa48753e13608f59ff424cdd886d8171f288a2b4392818021e67faff02c317823ec0aa8fe48d3222f7473f99a2e98bf4edb1c489
SSDEEP

98304:1J/agjkBPbx7NZlwTp5azaiswI0ORt7OC4SzcfBm0CTh1tNzFTDwbhd7DBnxdREC:r/agwLfmbwFUNZcfBm0CTpNBTE91DBnf

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

TradingView.exe

Resource

win7-20230220-en

redline infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

TradingView.exe

Resource

win10v2004-20230220-en

redline infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

91.243.59.21:20856

Attributes

auth_value
c51b6b00ac38375fb2c44a2c9e5bc08b

Targets

- Target
  
  TradingView.exe
- Size
  
  4.7MB
- MD5
  
  b414d9c7e1c3332ec324b8e6c4f6be82
- SHA1
  
  e909bbe630fd44939454e0174ff93f6913861ae4
- SHA256
  
  261ec697b5a7215b436d0f6d16c64278ee88d1df97de3f777fc46198500c28c8
- SHA512
  
  bb4903c00b66abfde6ffc3f5aa48753e13608f59ff424cdd886d8171f288a2b4392818021e67faff02c317823ec0aa8fe48d3222f7473f99a2e98bf4edb1c489
- SSDEEP
  
  98304:1J/agjkBPbx7NZlwTp5azaiswI0ORt7OC4SzcfBm0CTh1tNzFTDwbhd7DBnxdREC:r/agwLfmbwFUNZcfBm0CTpNBTE91DBnf
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2025

Terms | Privacy