General

  • Target

    RedLine stealer.zip

  • Size

    2.4MB

  • MD5

    791cec02a1a7690de5024fdcd5dce241

  • SHA1

    a5f8a59c8a38826449dbfe33cd64a67be808b4ce

  • SHA256

    85189ad5f087aa189ff92755a4a9e98f4f98f27da72d91343598a5a36001be10

  • SHA512

    1bea156188a209e2425277bd2d72f038212513839d438aa6f282b465d85970b98ebe71ff0c6854ddba0b2847d08c03c83e3a54f73a244da02a459a32ed268285

  • SSDEEP

    49152:SZ950Ca3IiaS4t0Ft6y6fCFS9aw4jKsHz5dBWfGySlQq3VEslNDDTDsnV:SZ/3X8HH0awHKz5LW+y21lpDIV

Score
10/10

Malware Config

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

Files

  • RedLine stealer.zip
    .zip
  • RedLine stealer/Libraries/Bunifu_UI_v1.52.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/GuiLib.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/MetroSet UI.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/Mono.Cecil.Mdb.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/Mono.Cecil.Mdb.pdb
  • RedLine stealer/Libraries/Mono.Cecil.Pdb.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/Mono.Cecil.Pdb.pdb
  • RedLine stealer/Libraries/Mono.Cecil.Rocks.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/Mono.Cecil.Rocks.pdb
  • RedLine stealer/Libraries/Mono.Cecil.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/Mono.Cecil.pdb
  • RedLine stealer/Libraries/Newtonsoft.Json.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • RedLine stealer/Libraries/RedLine.SharedModels.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/System.Drawing.Pen.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/Vestris.ResourceLib.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/builder.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • RedLine stealer/Libraries/builder.pdb
  • RedLine stealer/Libraries/links.txt
  • RedLine stealer/Libraries/protobuf-net.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa



  • RedLine stealer/Libraries/stub.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • RedLine stealer/MetroSet UI.dll.config
    .xml
  • RedLine stealer/OpenPort.bat
  • RedLine stealer/RedLine.MainPanel-cracked.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • RedLine stealer/RedLine.MainPanel.exe.config
    .xml
  • RedLine stealer/RedLine.MainPanel.idb
  • RedLine stealer/RedLine.MainPanel1.exe.config
    .xml
  • RedLine stealer/links.txt