redline | 9fb4b0494ce8e71c1af8bc538895731ea6da666d8efe405182baa3328aff9966 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

IContratoQK.msi

windows7-x64

IContratoQK.msi

windows10-2004-x64

Sharing

General

Target

IContratoQK.msi.bin
Size

6.9MB
Sample

230505-zjec2aea37
MD5

923ec566997f9c002d9cf7397c79eb4a
SHA1

2bea51e5e6ab96a4669e34a903e30a4b97580e46
SHA256

9fb4b0494ce8e71c1af8bc538895731ea6da666d8efe405182baa3328aff9966
SHA512

79b1f04d66d1a2b237d57c2f341dbec2e2c41df8089ef38f1f402e6b77d91224a620b6c6c424742d7f7460f5fe60aaaaaed3e3020376d514eb49df2b56eb6e35
SSDEEP

196608:vSc73CzEFE2cseSF2fFpuUaMo8zcdKmGZA+:KI3CzSE2BXFBUaw9/

Score

10^/10

redline infostealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

IContratoQK.msi

Resource

win7-20230220-en

redline infostealer stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

IContratoQK.msi

Resource

win10v2004-20230220-en

redline infostealer stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  IContratoQK.msi.bin
- Size
  
  6.9MB
- MD5
  
  923ec566997f9c002d9cf7397c79eb4a
- SHA1
  
  2bea51e5e6ab96a4669e34a903e30a4b97580e46
- SHA256
  
  9fb4b0494ce8e71c1af8bc538895731ea6da666d8efe405182baa3328aff9966
- SHA512
  
  79b1f04d66d1a2b237d57c2f341dbec2e2c41df8089ef38f1f402e6b77d91224a620b6c6c424742d7f7460f5fe60aaaaaed3e3020376d514eb49df2b56eb6e35
- SSDEEP
  
  196608:vSc73CzEFE2cseSF2fFpuUaMo8zcdKmGZA+:KI3CzSE2BXFBUaw9/
Score

10^/10

redline infostealer stealer
- Detects Redline Stealer samples
  This rule detects the presence of Redline Stealer samples based on their unique strings.
  stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerstealer

behavioral2

redlineinfostealerstealer

© 2018-2025

Terms | Privacy