redline | 009e2c4ccbba2d91a056a0a48d6d6ea03714e76bffe37dc8f714d79a6b30e8e3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

j3638661.exe

windows7-x64

j3638661.exe

windows10-2004-x64

Sharing

General

Target

j3638661.exe
Size

384KB
Sample

231011-l36dzahh39
MD5

7c73ccffc9fd1bb94bc20c9047c8bba2
SHA1

2b336775b52f623d8e6dc21f5babd15edb8c42b2
SHA256

009e2c4ccbba2d91a056a0a48d6d6ea03714e76bffe37dc8f714d79a6b30e8e3
SHA512

380fc504d8117a75f80145bfd421b840d12843fb4b9761a8abaa9f8411260eddd26f0da8a3ed362f884f0a213f0e018ed353eaa66e2f6a9dcda990b3f3d46b13
SSDEEP

12288:7TRweSHxzyZg09spUfzMJZVk95wWW6ruUF4S:7eejZgrsW6rv2

Score

10^/10

redline gruha infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

j3638661.exe

Resource

win7-20230831-en

redline gruha infostealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

j3638661.exe

Resource

win10v2004-20230915-en

redline gruha infostealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

gruha

C2

77.91.124.55:19071

Attributes

auth_value
2f4cf2e668a540e64775b27535cc6892

Targets

- Target
  
  j3638661.exe
- Size
  
  384KB
- MD5
  
  7c73ccffc9fd1bb94bc20c9047c8bba2
- SHA1
  
  2b336775b52f623d8e6dc21f5babd15edb8c42b2
- SHA256
  
  009e2c4ccbba2d91a056a0a48d6d6ea03714e76bffe37dc8f714d79a6b30e8e3
- SHA512
  
  380fc504d8117a75f80145bfd421b840d12843fb4b9761a8abaa9f8411260eddd26f0da8a3ed362f884f0a213f0e018ed353eaa66e2f6a9dcda990b3f3d46b13
- SSDEEP
  
  12288:7TRweSHxzyZg09spUfzMJZVk95wWW6ruUF4S:7eejZgrsW6rv2
Score

10^/10

redline gruha infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinegruhainfostealer

behavioral2

redlinegruhainfostealer

© 2018-2025

Terms | Privacy