redline | 0488a72cc86b59cda7359ddbd9820ddd3863adb4de3be431d99f73b9debf2167 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file
Size

2.3MB
Sample

230816-ml4dqaca9y
MD5

89d0f2333461140be663bdd62933f176
SHA1

9edf3e914b13744ba9e6e75a096ac5c92c84970a
SHA256

0488a72cc86b59cda7359ddbd9820ddd3863adb4de3be431d99f73b9debf2167
SHA512

99f3b0480cc0255561183a46d1d7c12d2f9ae3789b5407ae4f5a40987f2ce9ab453ed5ff91b5eedc01d3bef0b24b88f20f0f61cd46b3c334e8ced6e820b30d22
SSDEEP

12288:pBVEc+MVqpMvp36SNjoo6WjK3W/Ii2DP6W4h4Lb1u/DjrxG/hWkcdZMLtz/U7ksK:yc+MIpMvpKpogDP6WccboM/FcdZMxkr

Score

10^/10

redline infostealer spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20230712-en

redline infostealer spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20230703-en

redline infostealer spyware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  file
- Size
  
  2.3MB
- MD5
  
  89d0f2333461140be663bdd62933f176
- SHA1
  
  9edf3e914b13744ba9e6e75a096ac5c92c84970a
- SHA256
  
  0488a72cc86b59cda7359ddbd9820ddd3863adb4de3be431d99f73b9debf2167
- SHA512
  
  99f3b0480cc0255561183a46d1d7c12d2f9ae3789b5407ae4f5a40987f2ce9ab453ed5ff91b5eedc01d3bef0b24b88f20f0f61cd46b3c334e8ced6e820b30d22
- SSDEEP
  
  12288:pBVEc+MVqpMvp36SNjoo6WjK3W/Ii2DP6W4h4Lb1u/DjrxG/hWkcdZMLtz/U7ksK:yc+MIpMvpKpogDP6WccboM/FcdZMxkr
Score

10^/10

redline infostealer spyware
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealerspyware

behavioral2

redlineinfostealerspyware

© 2018-2025

Terms | Privacy