redline | d84ae6a1fe42df7886cbaec78b8433ab93a2ff54b0290754eb7b5315734904bb | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

RDR2CHEAT/...er.exe

windows7-x64

RDR2CHEAT/...er.exe

windows10-2004-x64

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...op.dll

windows7-x64

1

RDR2CHEAT/...op.dll

windows10-2004-x64

1

RDR2CHEAT/...te.dll

windows7-x64

1

RDR2CHEAT/...te.dll

windows10-2004-x64

1

RDR2CHEAT/...te.dll

windows7-x64

1

RDR2CHEAT/...te.dll

windows10-2004-x64

1

RDR2CHEAT/...te.dll

windows7-x64

1

RDR2CHEAT/...te.dll

windows10-2004-x64

1

RDR2CHEAT/...te.dll

windows7-x64

1

RDR2CHEAT/...te.dll

windows10-2004-x64

1

RDR2CHEAT/...te.dll

windows7-x64

1

RDR2CHEAT/...te.dll

windows10-2004-x64

1

Resubmissions

11/10/2023, 00:51

231011-a7gevsbe37 10

11/10/2023, 00:50

231011-a652tshd41 10

31/01/2023, 09:06

230131-k21xeshe3z 7

Analysis

max time kernel
142s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
11/10/2023, 00:51

Sharing

Static task

static1

fondness redline

2 signatures

Behavioral task

behavioral1

Sample

RDR2CHEAT/PrimeXLauncher.exe

Resource

win7-20230831-en

redline fondness infostealer

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

RDR2CHEAT/PrimeXLauncher.exe

Resource

win10v2004-20230915-en

redline fondness infostealer

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

RDR2CHEAT/build/net20/x64/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

RDR2CHEAT/build/net20/x64/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

RDR2CHEAT/build/net20/x86/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

RDR2CHEAT/build/net20/x86/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

RDR2CHEAT/build/net40/x64/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

RDR2CHEAT/build/net40/x64/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

RDR2CHEAT/build/net40/x86/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

RDR2CHEAT/build/net40/x86/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

RDR2CHEAT/build/net45/x64/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

RDR2CHEAT/build/net45/x64/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

RDR2CHEAT/build/net45/x86/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

RDR2CHEAT/build/net45/x86/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

RDR2CHEAT/build/net451/x64/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

RDR2CHEAT/build/net451/x64/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

RDR2CHEAT/build/net451/x86/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

RDR2CHEAT/build/net451/x86/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

RDR2CHEAT/build/net46/x64/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

RDR2CHEAT/build/net46/x64/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

RDR2CHEAT/build/net46/x86/SQLite.Interop.dll

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

RDR2CHEAT/build/net46/x86/SQLite.Interop.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

RDR2CHEAT/lib/net20/System.Data.SQLite.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

RDR2CHEAT/lib/net20/System.Data.SQLite.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

RDR2CHEAT/lib/net40/System.Data.SQLite.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

RDR2CHEAT/lib/net40/System.Data.SQLite.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

RDR2CHEAT/lib/net45/System.Data.SQLite.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

RDR2CHEAT/lib/net45/System.Data.SQLite.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

RDR2CHEAT/lib/net451/System.Data.SQLite.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

RDR2CHEAT/lib/net451/System.Data.SQLite.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

RDR2CHEAT/lib/net46/System.Data.SQLite.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

RDR2CHEAT/lib/net46/System.Data.SQLite.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

RDR2CHEAT/PrimeXLauncher.exe
Size

159KB
MD5

0c2de2a3c96398428b0ce53ee8be212f
SHA1

348a9089ecdc242b2d729f642a70794d74c9a06b
SHA256

1331d10811b5b02f55f7a6fa0e957543c2c2ea5c9817518f97905b6038dfed93
SHA512

b767bb3487ddca3bfd8d998b675d149f06473190755d8b0402469ddfebfc4121384bd65107850036b67f72429bd8fca399b9b3ec54f088a49935f20ca5d3f0a3
SSDEEP

3072:OaAzRVKaMvVMLGXVJYkwOQKlTXSRBI1IVZQLv0e0Ut:OaAzRV9MMIF1IVZQLv

Score

10^/10

redline fondness infostealer

Malware Config

Extracted

Family

redline

Botnet

FONDNESS

C2

89.22.234.180:40608

Attributes

auth_value
8dd80c7c3aad106b12e2f6a3afd7a250

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\RDR2CHEAT\PrimeXLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\RDR2CHEAT\PrimeXLauncher.exe"
1⤵
PID:4108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4108-0-0x0000000074970000-0x0000000075120000-memory.dmp

Filesize
7.7MB

Download
memory/4108-1-0x00000000001A0000-0x00000000001CE000-memory.dmp

Filesize
184KB

Download
memory/4108-2-0x0000000004FA0000-0x00000000055B8000-memory.dmp

Filesize
6.1MB

Download
memory/4108-3-0x0000000004A40000-0x0000000004A52000-memory.dmp

Filesize
72KB

Download
memory/4108-4-0x0000000004B70000-0x0000000004C7A000-memory.dmp

Filesize
1.0MB

Download
memory/4108-5-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

Filesize
64KB

Download
memory/4108-6-0x0000000004AA0000-0x0000000004ADC000-memory.dmp

Filesize
240KB

Download
memory/4108-7-0x0000000004AE0000-0x0000000004B2C000-memory.dmp

Filesize
304KB

Download
memory/4108-8-0x0000000074970000-0x0000000075120000-memory.dmp

Filesize
7.7MB

Download
memory/4108-9-0x0000000004DA0000-0x0000000004DB0000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy