redline | 20ce08554859e0360365e35ebcc06fba0faf40f9baf25c2184670fdb0bccd399 | Triage

Submit
Reports

Overview

overview

Static

static

3

28bfb32992...83.exe

windows7-x64

28bfb32992...83.exe

windows10-2004-x64

Sharing

General

Target

28bfb329920c79a345ef0f583.exe
Size

1.3MB
Sample

230708-t1p8zafe46
MD5

28bfb329920c79a345ef0f58316db81e
SHA1

b80e6771bba26d0973210f4dc257247d1bcda7c0
SHA256

20ce08554859e0360365e35ebcc06fba0faf40f9baf25c2184670fdb0bccd399
SHA512

e1b04ea8530790649cb22ef63e9a4af39ae4f71f6ba9a432886bbd8e6742704207f66b5d5cfec5477f32e982f8921d9e6b226b7c295aac504940d682dd35c0e1
SSDEEP

12288:/yb6GtiiH4wcA1c29LMeHv2I+Jy+vKQGChx7Z:/o6G1HBrZv2I+BKQGEx7Z

Score

10^/10

redline infostealer spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

28bfb329920c79a345ef0f583.exe

Resource

win7-20230703-en

redline infostealer spyware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

28bfb329920c79a345ef0f583.exe

Resource

win10v2004-20230703-en

redline infostealer spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  28bfb329920c79a345ef0f583.exe
- Size
  
  1.3MB
- MD5
  
  28bfb329920c79a345ef0f58316db81e
- SHA1
  
  b80e6771bba26d0973210f4dc257247d1bcda7c0
- SHA256
  
  20ce08554859e0360365e35ebcc06fba0faf40f9baf25c2184670fdb0bccd399
- SHA512
  
  e1b04ea8530790649cb22ef63e9a4af39ae4f71f6ba9a432886bbd8e6742704207f66b5d5cfec5477f32e982f8921d9e6b226b7c295aac504940d682dd35c0e1
- SSDEEP
  
  12288:/yb6GtiiH4wcA1c29LMeHv2I+Jy+vKQGChx7Z:/o6G1HBrZv2I+BKQGEx7Z
Score

10^/10

redline infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerspyware

behavioral2

redlineinfostealerspyware

© 2018-2025

Terms | Privacy