redline | 69fea51cac73ae89b6d188508d3c846b66d24bca74de54a3f7c2bc1df17aac27 | Triage

Submit
Reports

Overview

overview

Static

static

COD warzon...ck.exe

windows7-x64

COD warzon...ck.exe

windows10-2004-x64

Sharing

General

Target

stealerViaCheat-2.7z
Size

49.2MB
Sample

230706-p7gg7abb88
MD5

a31c84d9c54fa9a15d591859d9f6eaf9
SHA1

2e02978557760a21608162786e82efee32340146
SHA256

69fea51cac73ae89b6d188508d3c846b66d24bca74de54a3f7c2bc1df17aac27
SHA512

db98e4d442312a4482e659e6c3278272c8d7d167ef1a27026f88ffefafbd6c7ff39bb2c7af47682e0e4dd4a909907affaa27aed003fb6438e5b936022ca89ad2
SSDEEP

1572864:pmfrjnUSaorAZqbQaT0LpPw3fUMSGWxdC9PHYWZX6rLcO3HiZxd:Qfr7so/srPQ+KJWc4S

Score

10^/10

redline top zaliv4 infostealer spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

COD warzone aimbot+wallhack.exe

Resource

win7-20230703-en

redline infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

COD warzone aimbot+wallhack.exe

Resource

win10v2004-20230703-en

redline top zaliv4 infostealer spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

top zaliv4

C2

116.203.249.207:34832

Attributes

auth_value
4a417404710247a2f29e435a0a05e4c0

Targets

- Target
  
  COD warzone aimbot+wallhack.exe
- Size
  
  734.4MB
- MD5
  
  3bbe3890090436d672cb607c0ac51d15
- SHA1
  
  871588b00e89787c0c578fef854f0eb17131c5c2
- SHA256
  
  b6da030f790e7056b5cf054da861510f68105b0ce9263a2d43f312869ca4ec9d
- SHA512
  
  3785cd391038e8479e4fd79d9f492365ee2c4f049dba493b2c84f289065dff740cb732ebaab22e8e5831769c50ea4b183ef3c0e7b1f824dc9ba98b684375f99f
- SSDEEP
  
  12582912:QQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyQyq:Qnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnq
Score

10^/10

redline infostealer top zaliv4 spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlinetop zaliv4infostealerspyware

© 2018-2025

Terms | Privacy