redline | 6ba0530cb54066d2ff66b8d57639542c2f6053f2e3e5cb69e051ab55eadb406f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

Setupp.zip

windows7-x64

Setupp.zip

windows10-2004-x64

Sharing

General

Target

Setupp.zip
Size

132.8MB
Sample

230917-1jrh2acg9x
MD5

1b05efdd19f4f3f08225bc2329386a32
SHA1

dac6df0393b94ff4872f231b4304e27d14ac3f4b
SHA256

6ba0530cb54066d2ff66b8d57639542c2f6053f2e3e5cb69e051ab55eadb406f
SHA512

bf5c74121bb82e73de691d256ff0adf0413499f7225d610e67abb703bef30b894cdded1fdc230fc145ae2d554e0b381a34f01e4905ebb7cf6b43bbd41ee3442b
SSDEEP

3145728:qFChK0NJRkBk96UY4wtc1Tv+iq7vfaFBYNnljoJpwl14moVruNxRIIP8g:qFCK3Bz4wK9qbKBQljewEBANxP

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

Setupp.zip

Resource

win7-20230831-en

redline infostealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Setupp.zip

Resource

win10v2004-20230915-en

redline infostealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Setupp.zip
- Size
  
  132.8MB
- MD5
  
  1b05efdd19f4f3f08225bc2329386a32
- SHA1
  
  dac6df0393b94ff4872f231b4304e27d14ac3f4b
- SHA256
  
  6ba0530cb54066d2ff66b8d57639542c2f6053f2e3e5cb69e051ab55eadb406f
- SHA512
  
  bf5c74121bb82e73de691d256ff0adf0413499f7225d610e67abb703bef30b894cdded1fdc230fc145ae2d554e0b381a34f01e4905ebb7cf6b43bbd41ee3442b
- SSDEEP
  
  3145728:qFChK0NJRkBk96UY4wtc1Tv+iq7vfaFBYNnljoJpwl14moVruNxRIIP8g:qFCK3Bz4wK9qbKBQljewEBANxP
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.