Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Redline St...ed.exe

windows11-21h2-x64

1

Redline St...ld.exe

windows11-21h2-x64

10

Redline St...52.dll

windows11-21h2-x64

1

Redline St...ib.dll

windows11-21h2-x64

1

Redline St...UI.dll

windows11-21h2-x64

1

Redline St...db.dll

windows11-21h2-x64

1

Redline St...db.dll

windows11-21h2-x64

1

Redline St...ks.dll

windows11-21h2-x64

1

Redline St...il.dll

windows11-21h2-x64

1

Redline St...on.dll

windows11-21h2-x64

1

Redline St...ls.dll

windows11-21h2-x64

1

Redline St...en.dll

windows11-21h2-x64

1

Redline St...ib.dll

windows11-21h2-x64

1

Redline St...er.exe

windows11-21h2-x64

1

Redline St...et.dll

windows11-21h2-x64

1

Redline St...ub.exe

windows11-21h2-x64

10

Redline St...rt.bat

windows11-21h2-x64

8

Redline St...ed.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RedlineStealer Builders.zip

  • Size

    3.3MB

  • Sample

    240531-rsbz9sbc9y

  • MD5

    85c310cad910424270af2eafe84d0d47

  • SHA1

    e3c123786e2ce05bad94e4f13fc918a9ee0eed4d

  • SHA256

    f5264b6e73ee90c67b6c959996b05e6df7e01c553be30bcee84e02c568ef942a

  • SHA512

    be71bb9d68109c858307bf1718d5e22de078ca7d8033b4ee7ffc5271ab9dd686d09802567ceb18e83f825aec79872cd8e589388421efa69909e43cd3055f238e

  • SSDEEP

    98304:2VZtBsIuswXSFjdPDnXCZdZnpy1MUH4dIXuti9JIdGq:2VnBuIDrXudZnN32iirIdGq

Score
10/10
redlineevasioninfostealer

Malware Config

Targets

    • Target

      Redline Stealer Builder (Modified Variant)/RedLine_Clipper_Cracked.exe

    • Size

      827KB

    • MD5

      c45dd3b001aac16046e56cc0bed3c77c

    • SHA1

      bd295f2699d32902a71b0480e0dc9b82ba6ea155

    • SHA256

      d3ccc70fe10b2804c6d7978579645b0a04a0f7ad1f15776aefadc3f635156520

    • SHA512

      bfdaf14c0f953a68948c6114014a3dfae12a6d3237b815ad2df08f48ffd90602b712d6131aab24c7c0a5ad49007ef958004291b68fe7140dc4cc8fb4fe94f9b5

    • SSDEEP

      24576:nJlh9bDuaI53gOP3NV66jrVIpM9QdAPLqLdcBW:nJq+OP3NsukXdm+Rp

    Score
    1/10
    behavioral1

    • Target

      Redline Stealer/Libraries/Build.exe

    • Size

      141KB

    • MD5

      1035bbf6b782b7a8819fa9bc616a9657

    • SHA1

      e24f76eeaa29637aedd374f0087492d24aca22eb

    • SHA256

      4060699be22d52cd3753fa0bb8d3147a7b14b4ee9769013f2f0ad284586911cb

    • SHA512

      fb6ca81949db5bdf70ad294d68e3af534cb5e823558ac9428712a04d68b4b7413b00e3e465ad09e0e19572c777b6de7decaf705df3394177ba5792ec274e06d9

    • SSDEEP

      3072:dK1JZOpTvVQZ+rcIeRYs6YmszJqoD2P7BpGGoMTb3R35dINX9r5Mxw:8Opu0rjeRbVJqoD61pGGoMTb3RDINN

    Score
    10/10
    redlineinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral2

    • Target

      Redline Stealer/Libraries/Bunifu_UI_v1.52.dll

    • Size

      219KB

    • MD5

      5eca94d909f1ba4c5f3e35ac65a49076

    • SHA1

      3b9cb69510887117844464a2cc711c06f2c3bd19

    • SHA256

      de0e530d46c803d85b8aeb6d18816f1b09cb3dafefb5e19fdfa15c9f41e0f474

    • SHA512

      257a33c748dfb617a7e2892310132fd4abf4384fb09c93a8ac3f609fd91353a4f3e326124ecc63b6041ac87cf4fcc17a8bdca312e0c851acd9c7a182247066ea

    • SSDEEP

      6144:o1uzZh5rYAuBjtnkbxuzZ7Mg3i3hJtm4Fw2hHQHcHKaPUb:Ku1higb4zZR+9mcHX

    Score
    1/10
    behavioral3

    • Target

      Redline Stealer/Libraries/GuiLib.dll

    • Size

      50KB

    • MD5

      eaf9c55793cd26f133708714ed3a5397

    • SHA1

      1818aa718498f0810199eca2b91db300dc24f902

    • SHA256

      87cfc70bec2d2a37bcd5d46f9e6f0051f82e015ff96e8f2bc2d81b85f2632f15

    • SHA512

      b793ae1155bd7be247b42c0fc1bc53e34cf69e802c0e365427322dac4b5cc68728d24255a717aaffa774b4551a6946c17106387cff4cfdb6ce638d8a4ecab4d9

    • SSDEEP

      768:CXBWBHqfkC/Wcd1V4+8dUQeEqUNVugMP26lunzWWeddVV:CXiWJ16+8dxeAVuAWWed9

    Score
    1/10
    behavioral4

    • Target

      Redline Stealer/Libraries/MetroSet UI.dll

    • Size

      436KB

    • MD5

      f13dc3cffef729d26c4da102674561cf

    • SHA1

      5f9abff0bdf305e33b578c22dada5c87b2f6f39c

    • SHA256

      d490c04e6e89462fd46099d3454985f319f57032176c67403b3b92c86ca58bcb

    • SHA512

      aa8699c5f608a10a577cb23715f761ee28922c4778f5ea8a5ec0a184e1143689fba5a08003fd5cbf3c7dd516eac1fddc8c3f9efa1d993ba1888e87b70190c08f

    • SSDEEP

      12288:oE4n7EmAqNv8MkCvzMTlCPRSoWzz7QYaIHtMhPrYDK:oE4n7xAqN0MkCvzMTlCEoDYFH2eDK

    Score
    1/10
    behavioral5

    • Target

      Redline Stealer/Libraries/Mono.Cecil.Mdb.dll

    • Size

      42KB

    • MD5

      dc80f588f513d998a5df1ca415edb700

    • SHA1

      e2f0032798129e461f0d2494ae14ea7a4f106467

    • SHA256

      90cfc73befd43fc3fd876e23dcc3f5ce6e9d21d396bbb346513302e2215db8c9

    • SHA512

      1b3e57fbc10f109a43e229b5010d348e2786e12ddf48a757da771c97508f8f3891be3118ff3bb84c3fd6bfa1723c670541667cdbf2d14ea63243f6def8f038cc

    • SSDEEP

      768:Cr5EYZep98C87KHeBUZwrEF7b+gxfM3AkMus4iWJq9F4CRIcZwMRTIzyAt9U2:Cr59g98C87KHeBUbwgKirbdwMRTzAt9l

    Score
    1/10
    behavioral6

    • Target

      Redline Stealer/Libraries/Mono.Cecil.Pdb.dll

    • Size

      87KB

    • MD5

      6cd3ed3db95d4671b866411db4950853

    • SHA1

      528b69c35a5e36cc8d747965c9e5ea0dc40323b8

    • SHA256

      d67ebd49241041e6b6191703a90d89e68d4465adce02c595218b867df34581a3

    • SHA512

      e8ae4caf214997cc440e684a963727934741fd616a073365fa1fc213c5ca336c12e117d7fa0d6643600a820297fc11a21e4ac3c11613fba612b90ebd5fc4c07e

    • SSDEEP

      1536:fU2qJ+RazRt/Kc4oJiOxFR4NdJF0/RfhF46HAoYKHgPzpS6w7fa1C9r:s2MRtrfrR+Pe/xAiAzpQ7y1C9r

    Score
    1/10
    behavioral7

    • Target

      Redline Stealer/Libraries/Mono.Cecil.Rocks.dll

    • Size

      27KB

    • MD5

      c8f36848ce8f13084b355c934fc91746

    • SHA1

      8f60c2fd1f6f5b5f365500b2749dca8c845f827a

    • SHA256

      a08c040912df2a3c823ade85d62239d56abaa8f788a2684fb9d33961922687c7

    • SHA512

      7c47f96e0e7dfaebb4dccf99fa0dda64c608634e2521798fd0d4c74eb2641c848fadad29c2cd26eb9b45acdfef791752959117a59e1f0913f9092e4662075115

    • SSDEEP

      384:E0ve8JOuJTiC7n2NwxEXCnjB+RXcMeDz8PmR1ugLoaeuLMBG9UphJAprjEduFLHJ:E+meiCyrXOwS8uRssveum1peFLHFBbO

    Score
    1/10
    behavioral8

    • Target

      Redline Stealer/Libraries/Mono.Cecil.dll

    • Size

      337KB

    • MD5

      7546acebc5a5213dee2a5ed18d7ebc6c

    • SHA1

      b964d242c0778485322ccb3a3b7c25569c0718b7

    • SHA256

      7744c9c84c28033bc3606f4dfce2adcd6f632e2be7827893c3e2257100f1cf9e

    • SHA512

      30b3a001550dca88c8effc9e8107442560ee1f42e3d2f354cc2813ae9030bf872c76dc211fd12778385387be5937e9bf172ea00c151cab0bca77c8aafdd11f7d

    • SSDEEP

      6144:jFzzF5VOCxfiKKhsw4NiL0XRzx9WoCklyus:BdfiKI4RzWSyu

    Score
    1/10
    behavioral9

    • Target

      Redline Stealer/Libraries/Newtonsoft.Json.dll

    • Size

      683KB

    • MD5

      6815034209687816d8cf401877ec8133

    • SHA1

      1248142eb45eed3beb0d9a2d3b8bed5fe2569b10

    • SHA256

      7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814

    • SHA512

      3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721

    • SSDEEP

      12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc

    Score
    1/10
    behavioral10

    • Target

      Redline Stealer/Libraries/RedLine.SharedModels.dll

    • Size

      29KB

    • MD5

      bee2969583715bfa584d073ac8d98c42

    • SHA1

      37d1221ce6bb82e7ad08fd22bd13592815a23468

    • SHA256

      5f92db78e43986f063632fb2cfafdce73e5e7e64979900783ca9a00016933375

    • SHA512

      5c139b81a51477d8362be2bf72b9f2425d54ef67b4ad715fbe8aa11f8a57435abb7f23a7ecaee18611e559d1006c0df5dd3427b6e7c3caed38d8cffd79e4bb1c

    • SSDEEP

      768:OqYS91uYM7KwU+QJDqnCz2iiMkM16dTS:OqYSqfOwTgDqnLZMn16NS

    Score
    1/10
    behavioral11

    • Target

      Redline Stealer/Libraries/System.Drawing.Pen.dll

    • Size

      2.7MB

    • MD5

      1d4e91345a76c90e0849c9389e66fe8c

    • SHA1

      744393f64d9f95a987605ac14b721dbbc985901c

    • SHA256

      1d820d1c1e9d661603cd32177fb128c9a6844fe2492b6fbb3120bd37553663b0

    • SHA512

      e0c5fa5c9141e139d529b80058c1ff8fb252116076c57fbea106ee2500cb23d3a91b76f6348bc0bcf465acde510463352a960eefd29198f4068661342cbd28b8

    • SSDEEP

      3072:tblKLY+hugA/JMGI+3TBb3K65tKMFL6uOqKXyeHD3Q6b7cvWUevzml01xvS0yiEt:t

    Score
    1/10
    behavioral12

    • Target

      Redline Stealer/Libraries/Vestris.ResourceLib.dll

    • Size

      76KB

    • MD5

      944ce5123c94c66a50376e7b37e3a6a6

    • SHA1

      a1936ac79c987a5ba47ca3d023f740401f73529b

    • SHA256

      7da3f0e77c4dddc82df7c16c8c781fade599b7c91e3d32eefbce215b8f06b12a

    • SHA512

      4c034ff51cc01567f3cb0796575528ca44623b864eb606266bcf955a9259ed26b20bec0086d79038158d3a5af2ada0a90f59d7c6aae9e545294fe77825dbe08b

    • SSDEEP

      1536:CSSYikTF0Z+sFGu11tIcyI1MtI9eDG3fL7:CJYD0Z9FGu11teI1r9ea3

    Score
    1/10
    behavioral13

    • Target

      Redline Stealer/Libraries/builder.exe

    • Size

      11KB

    • MD5

      de6f68cdf350fce9be13803d84be98c4

    • SHA1

      e37ec52f68ab48344579ccbfc4d2d90d3073c808

    • SHA256

      51bbc69942823b84c2a1f0efdb9d63fb04612b223e86af8a83b4b307dd15cd24

    • SHA512

      0344b764dc0a615d5a0bbb24ba442bd857d69fd3b102f243dafc9a9ae8776f6ad98f9af2cf680effaa5807451e310232224264ce9fe1bbc4a5f826833705ee8a

    • SSDEEP

      192:z+cfd5PJQCXA7X+k6bCcEOGtti8eXyfktOOeUpyfRM:z/d5PJQCXsXk2cFGK8WyfkIOeUsfR

    Score
    1/10
    behavioral14

    • Target

      Redline Stealer/Libraries/protobuf-net.dll

    • Size

      274KB

    • MD5

      d16fffeb71891071c1c5d9096ba03971

    • SHA1

      24c2c7a0d6c9918f037393c2a17e28a49d340df1

    • SHA256

      141b235af8ebf25d5841edee29e2dcf6297b8292a869b3966c282da960cbd14d

    • SHA512

      27fb5b77fcadbe7bd1af51f7f40d333cd12de65de12e67aaea4e5f6c0ac2a62ee65bdafb1dbc4e3c0a0b9a667b056c4c7d984b4eb1bf4b60d088848b2818d87a

    • SSDEEP

      6144:M+mGOqp3p9xOhav/ZcaiysIN5UGr8fnd0OJNGyo:JOqp3bkhUZcbyP51rACGNGyo

    Score
    1/10
    behavioral15

    • Target

      Redline Stealer/Libraries/stub.exe

    • Size

      141KB

    • MD5

      9c44ce0cc507f539a3b6aa9c3671f092

    • SHA1

      8f2ff23438e4e3e4c19537e90688f21cbe189908

    • SHA256

      7b6c6588d3bddb06a0efbbf237cf501c027dac8bd2b82c6835e0a2c8bdfae842

    • SHA512

      d0496f88e659961cd29359e15002e32550e00897ab8c4cd7079ad928582b70ef82a0d110378cca8a8404cc3e14f7769cd68a925686a577a726101bc04d633ce3

    • SSDEEP

      3072:jJq4D2X3vAY+9ZCXDLcw9XFTb3R35dINX9r0DMi:jJq4Dog7gVdFTb3RDINN

    Score
    10/10
    redlineinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral16

    • Target

      Redline Stealer/OpenPort.bat

    • Size

      94B

    • MD5

      cf1cc90281e28cee22dce7ed013c2678

    • SHA1

      2f213a71b76db3e51ad2d659f84dc1f3f90725fb

    • SHA256

      84399f8bccefa404e156a5351b1de75a2d5290b4fddd1754efb16401ed7218ef

    • SHA512

      2b61c1da7cc66506537719cedab82f172d2ac1af4df69513ba64507a5ed67989974f81791faf08c5855580df53f564600381be34c340b825f1f01919948921e1

    Score
    8/10
    evasion
    behavioral17

    • Target

      Redline Stealer/RedLine.MainPanel-cracked.exe

    • Size

      633KB

    • MD5

      baf102927947289e4d589028620ce291

    • SHA1

      5ade9a99a86e5558e5353afa7844229ed23bdcd5

    • SHA256

      a6d2d1ba6765e5245b0f62e37d9298e20c913c5a33912b98bd65a76fc5ab28ae

    • SHA512

      973ecb034ba18a74c85165df743d9d87168b07539c8ef1d60550171bc0a5766a10b9e6be1425aea203be45b4175694a489ea1b7837faa3b1927ca019492ccd37

    • SSDEEP

      12288:JhNkz1XpXpXpXpXpXpXpXpXpXpX7t4umBNOuihNynH91xX:J22Mnynd

    Score
    10/10
    redlineinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral18

MITRE ATT&CK Enterprise v15

Tasks