redline | 0402a4780ff6a5ad2579286301ff602457c242e8ddd90d90bce3eaee8b8f3e92 | Triage

Submit
Reports

Overview

overview

Static

static

3

o3cr.exe

windows7-x64

o3cr.exe

windows10-2004-x64

Sharing

General

Target

o3cr.exe
Size

270KB
Sample

230505-p5ewksaf56
MD5

403e23c4a6a129c58dcaaaeecc51a7a1
SHA1

b1b7bbf8f6a095c33422ba157a46f6c11753583d
SHA256

0402a4780ff6a5ad2579286301ff602457c242e8ddd90d90bce3eaee8b8f3e92
SHA512

6e4d9ce1d3d627e7c6cb056cf5f9dd805b4924708579a4902fd1c07583651f74ef1b0c3db2da1104a4bb094acbfdc52b5f38d294b31012b3cb1ff9c50aafc4cb
SSDEEP

6144:vVsktNQEngBxHA+fg3v9kKXUQtZK9KkWG/j:vVsEmEgHH23vRUQtgSG/j

Score

10^/10

redline o3 infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

o3cr.exe

Resource

win7-20230220-en

redline o3 infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

o3cr.exe

Resource

win10v2004-20230221-en

redline o3 infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

o3

C2

65.21.133.231:47430

Attributes

auth_value
4f94388048da9aff1b885a942a278195

Targets

- Target
  
  o3cr.exe
- Size
  
  270KB
- MD5
  
  403e23c4a6a129c58dcaaaeecc51a7a1
- SHA1
  
  b1b7bbf8f6a095c33422ba157a46f6c11753583d
- SHA256
  
  0402a4780ff6a5ad2579286301ff602457c242e8ddd90d90bce3eaee8b8f3e92
- SHA512
  
  6e4d9ce1d3d627e7c6cb056cf5f9dd805b4924708579a4902fd1c07583651f74ef1b0c3db2da1104a4bb094acbfdc52b5f38d294b31012b3cb1ff9c50aafc4cb
- SSDEEP
  
  6144:vVsktNQEngBxHA+fg3v9kKXUQtZK9KkWG/j:vVsEmEgHH23vRUQtgSG/j
Score

10^/10

redline o3 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineo3infostealer

behavioral2

redlineo3infostealer

© 2018-2025

Terms | Privacy