redline | c5351bcf25028b82c2ba8ffd2f7d324a47986b9c8fa35447e0876fb7c9f5bb44 | Triage

Submit
Reports

Overview

overview

Static

static

3

69b3cec83a...3f.exe

windows7-x64

69b3cec83a...3f.exe

windows10-2004-x64

Sharing

General

Target

f45d9b844bd38845415b0d4b1e5255b3.bin
Size

209KB
Sample

231029-def56see6s
MD5

efed47fd3277209cf64d52af90e04e45
SHA1

396a72bef65f7ae2187db10861e38b2aa1f6c174
SHA256

c5351bcf25028b82c2ba8ffd2f7d324a47986b9c8fa35447e0876fb7c9f5bb44
SHA512

c837ed8e9e41a6df823c30c2053412dff77655b96c0e3375fa54258850e5de0f4f7fc8ae65706c19a8e506767a41fc7d381172cb503869f0eb6652ff10a0c42a
SSDEEP

6144:3KcrYQxJqplntS4rwJWYslzb9So2/oSW6huy:df/qbntZIwH9SrdW6huy

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

69b3cec83a51a5142d2f03856347bfe454e79c785e0b6425c0bcd632edf94a3f.exe

Resource

win7-20231025-en

redline discovery infostealer spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

69b3cec83a51a5142d2f03856347bfe454e79c785e0b6425c0bcd632edf94a3f.exe

Resource

win10v2004-20231023-en

redline discovery infostealer spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  69b3cec83a51a5142d2f03856347bfe454e79c785e0b6425c0bcd632edf94a3f.exe
- Size
  
  490KB
- MD5
  
  f45d9b844bd38845415b0d4b1e5255b3
- SHA1
  
  67b60a43e6262c1d6547463022b2e90f51d98b2e
- SHA256
  
  69b3cec83a51a5142d2f03856347bfe454e79c785e0b6425c0bcd632edf94a3f
- SHA512
  
  bb217704c96cd54c1d100d47f066a678fe1cc5a747d0e283599e07e269cbc31e02a163cb7dc03c57894dc4b95f4b92da928cf2751e07b1717f888b266cb05921
- SSDEEP
  
  6144:sSyQdzblQNrVxVA3wWMw+ktVD4TqsDz9GdGGg226lo7fhvIUE:lyQx6NrjVA3BJ+ktV8TqsdaZxvlo7Zv
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinediscoveryinfostealerspywarestealer

© 2018-2025

Terms | Privacy