redline | 16b9de721ea56289be73a2b2bcadb5d11ccc2ae56b878170b24bc0df06632654 | Triage

Submit
Reports

Overview

overview

Static

static

3

4b96a2bc62...1f.exe

windows7-x64

4b96a2bc62...1f.exe

windows10-2004-x64

Sharing

General

Target

0035b4c88aab20d9887ef58facbb36d6.bin
Size

251KB
Sample

230601-bcpnescc4w
MD5

36fd26f38cb8a2804fb2f61aeb6dbe05
SHA1

e27158745f8fbee12f5f1cfe9dfe57418940d256
SHA256

16b9de721ea56289be73a2b2bcadb5d11ccc2ae56b878170b24bc0df06632654
SHA512

2466a08616025f9b37d51a80e22201dbb8e1335d4a2b7025bbd85527c93ffbf6a7cb348d2fb4b690d7cf7cb01364705057e2f3999390c8d5a282bef2b5bfe3cd
SSDEEP

6144:8tvOFiI8JJYDL1ObZhZo+ffFkaKwEvRqRbNqsM:YvO4UDhOFE+ffarwysM

Score

10^/10

redline infostealer spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4b96a2bc629d40819ad85f26579a704999ca4e9d544ee83e7e89752c7279891f.exe

Resource

win7-20230220-en

redline infostealer spyware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

4b96a2bc629d40819ad85f26579a704999ca4e9d544ee83e7e89752c7279891f.exe

Resource

win10v2004-20230220-en

redline infostealer spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  4b96a2bc629d40819ad85f26579a704999ca4e9d544ee83e7e89752c7279891f.exe
- Size
  
  1.1MB
- MD5
  
  0035b4c88aab20d9887ef58facbb36d6
- SHA1
  
  1a2be527b223ae859891013db6b528b4a74ce00d
- SHA256
  
  4b96a2bc629d40819ad85f26579a704999ca4e9d544ee83e7e89752c7279891f
- SHA512
  
  e3614150aae317acc47e04574c8e03896679a2efaef1627979bfca9ba84ecaeb91828c1310d3f93d1400b9b30532fc88a478f946b25592cfe07f9d8e9b446624
- SSDEEP
  
  6144:1KJd0TaLFcKmbPvyR+yKBAOns5VXfkSgIAHK2X+rHMxuh6KM/tPyUiM:1VTaLFcKm2cfqVvkSgIgGrh8RyUiM
Score

10^/10

redline infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerspyware

behavioral2

redlineinfostealerspyware

© 2018-2025

Terms | Privacy