redline | c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b | Triage

Submit
Reports

Overview

overview

Static

static

3

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b
Size

460KB
Sample

230528-19w67shb8x
MD5

2e0ccd3920136b4acdd36c0206bf12ec
SHA1

ce4b720a56660f900db79ffb062af49437933510
SHA256

c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b
SHA512

368b65ab4924e609f70dc9e939125a3e807e558b60a91f22bf7fd88e58685f8570f50bf3fccf04ca2876213d13da3e3781ff2ae3ff2aeb9fa5fe72f7bf07e968
SSDEEP

6144:QUHKeJmJtctxr8n8gFQLKSKOckKJivslFiO4hYY1fE0/SRTVWp367pV/rYwyB:kkfbepF0Y2c0/SRTUp3zw

Score

10^/10

redline infostealer spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b.exe

Resource

win7-20230220-en

redline infostealer spyware

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b.exe

Resource

win10-20230220-en

redline infostealer spyware

windows10-1703-x64

7 signatures

300 seconds

Malware Config

Targets

- Target
  
  c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b
- Size
  
  460KB
- MD5
  
  2e0ccd3920136b4acdd36c0206bf12ec
- SHA1
  
  ce4b720a56660f900db79ffb062af49437933510
- SHA256
  
  c2848940a1061195786910709273d326d8f08fd6649636e147a41d5f8c43456b
- SHA512
  
  368b65ab4924e609f70dc9e939125a3e807e558b60a91f22bf7fd88e58685f8570f50bf3fccf04ca2876213d13da3e3781ff2ae3ff2aeb9fa5fe72f7bf07e968
- SSDEEP
  
  6144:QUHKeJmJtctxr8n8gFQLKSKOckKJivslFiO4hYY1fE0/SRTVWp367pV/rYwyB:kkfbepF0Y2c0/SRTUp3zw
Score

10^/10

redline infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerspyware

behavioral2

redlineinfostealerspyware

© 2018-2025

Terms | Privacy