redline | 0783485e4d23d233e53cc397232cd347c5cdf76ee27cd118c605829a4a7bc206 | Triage

Submit
Reports

Overview

overview

Static

static

1

7ffa3cf71f...5d.exe

windows7-x64

7ffa3cf71f...5d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

ba5e9d2e62f5e1ed6198f7f80f28862d.bin
Size

218KB
Sample

231101-cjr8kaba52
MD5

f4566589332fb159378bc2a8803a17ab
SHA1

cd832866e342e6ab411c2135ae5d217bc22e5f29
SHA256

0783485e4d23d233e53cc397232cd347c5cdf76ee27cd118c605829a4a7bc206
SHA512

8e847ed8a642263ffccac716f95582373ae07a83339029b3786e5aa7eb426ab33d7f2249717adaeeb036992e52e7ca71f30a61c33a50c979cc58b6660cbed389
SSDEEP

6144:hkxbUITFbt/+BQPfbJgZPUB22v3yoPFEnyUlwCaju:hkxbUIpbZ+B4JgZPFo7PFMyU+CaC

Score

10^/10

redline microsoft discovery infostealer phishing spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

7ffa3cf71ff6e8aec4029586dcca55a61edcd799212eb14b7a18073fea4e8c5d.exe

Resource

win7-20231023-en

redline discovery infostealer spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

7ffa3cf71ff6e8aec4029586dcca55a61edcd799212eb14b7a18073fea4e8c5d.exe

Resource

win10v2004-20231020-en

redline microsoft infostealer phishing

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  7ffa3cf71ff6e8aec4029586dcca55a61edcd799212eb14b7a18073fea4e8c5d.exe
- Size
  
  501KB
- MD5
  
  ba5e9d2e62f5e1ed6198f7f80f28862d
- SHA1
  
  36fb5e81eb10c141dee03703bb27cf3b63a6193a
- SHA256
  
  7ffa3cf71ff6e8aec4029586dcca55a61edcd799212eb14b7a18073fea4e8c5d
- SHA512
  
  6faacd60e54642b5444b712db7534be1886e9347a9e151264475e72abf17eede931c3f1b8d171d5ef2903c5aa98af7321f4a6721d053f8bee02790ebc9b79b65
- SSDEEP
  
  12288:F01DoqN4lVVE6nZH4zVAlFTO2uONvnoYZvcL:Fo43VErOBDnoYZvcL
Score

10^/10

redline discovery infostealer spyware stealer microsoft phishing
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

behavioral2

redlinemicrosoftinfostealerphishing

© 2018-2025

Terms | Privacy