redline | a3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125 | Triage

Submit
Reports

Overview

overview

Static

static

1

NEAS.NEASa...JC.exe

windows7-x64

NEAS.NEASa...JC.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.NEASa3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125exeexe_JC.exe
Size

496KB
Sample

231022-rbp6kahc4s
MD5

b71c28ff7303897ab8150b47d964a383
SHA1

f17522b796cd03a5cdda44f11a04d2b94660a29e
SHA256

a3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125
SHA512

5d95a44c5ab187e636830bd8bcceb7d4d852f31d308e6cf3e1b890af583b843f7385e5859c78876b34706d1e95d29ff43e835215db48715fab125b5b8f79aa87
SSDEEP

12288:d8W2lw0QB2o97Hr62k3n/+pLsv9+eXUeF6+1L:ulw0QkAr62k3n/+pAv+eHL

Score

10^/10

redline microsoft discovery infostealer phishing spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

NEAS.NEASa3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125exeexe_JC.exe

Resource

win7-20231020-en

redline discovery infostealer spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.NEASa3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125exeexe_JC.exe

Resource

win10v2004-20231020-en

redline microsoft infostealer phishing

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.NEASa3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125exeexe_JC.exe
- Size
  
  496KB
- MD5
  
  b71c28ff7303897ab8150b47d964a383
- SHA1
  
  f17522b796cd03a5cdda44f11a04d2b94660a29e
- SHA256
  
  a3ec0982ce08855c2c47a8246d2cd18bba731c3318dde3557c48677487735125
- SHA512
  
  5d95a44c5ab187e636830bd8bcceb7d4d852f31d308e6cf3e1b890af583b843f7385e5859c78876b34706d1e95d29ff43e835215db48715fab125b5b8f79aa87
- SSDEEP
  
  12288:d8W2lw0QB2o97Hr62k3n/+pLsv9+eXUeF6+1L:ulw0QkAr62k3n/+pAv+eHL
Score

10^/10

redline discovery infostealer spyware stealer microsoft phishing
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinemicrosoftinfostealerphishing

© 2018-2025

Terms | Privacy