redline | cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

cd3b625cb2...JC.exe

windows7-x64

cd3b625cb2...JC.exe

windows10-2004-x64

Sharing

General

Target

cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8_JC.exe
Size

361KB
Sample

230815-tft2esbf64
MD5

43bbed8db3d574acd479bb95fdaeb89f
SHA1

3cbd4ff5252f1505471ba80608345d5fd8b300a8
SHA256

cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8
SHA512

0a765113eddc4e0bac10bc9ccb69000fab17df13fa7fd0f634f87a8adefc3344369d508cc0bbf638f994c04ca6cd6ccbf89dc236dfb2773296d94f31fe6b50ab
SSDEEP

6144:kChTLg/abRhtQ8c4UrZqlvnTfbCEJ/faO2DR+huD4NA:ksE/abRhK4UeXfaOqw04NA

Score

10^/10

redline infostealer spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8_JC.exe

Resource

win7-20230712-en

redline infostealer spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8_JC.exe

Resource

win10v2004-20230703-en

redline infostealer spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8_JC.exe
- Size
  
  361KB
- MD5
  
  43bbed8db3d574acd479bb95fdaeb89f
- SHA1
  
  3cbd4ff5252f1505471ba80608345d5fd8b300a8
- SHA256
  
  cd3b625cb2fe094def21db9f7261c9d83873471dd3ef060345c391bd12af84b8
- SHA512
  
  0a765113eddc4e0bac10bc9ccb69000fab17df13fa7fd0f634f87a8adefc3344369d508cc0bbf638f994c04ca6cd6ccbf89dc236dfb2773296d94f31fe6b50ab
- SSDEEP
  
  6144:kChTLg/abRhtQ8c4UrZqlvnTfbCEJ/faO2DR+huD4NA:ksE/abRhK4UeXfaOqw04NA
Score

10^/10

redline infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerspywarestealer

behavioral2

redlineinfostealerspywarestealer

© 2018-2025

Terms | Privacy