Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    RedlineStealer Builders.zip

  • Size

    3.3MB

  • Sample

    240531-rsbz9sbc9y

  • MD5

    85c310cad910424270af2eafe84d0d47

  • SHA1

    e3c123786e2ce05bad94e4f13fc918a9ee0eed4d

  • SHA256

    f5264b6e73ee90c67b6c959996b05e6df7e01c553be30bcee84e02c568ef942a

  • SHA512

    be71bb9d68109c858307bf1718d5e22de078ca7d8033b4ee7ffc5271ab9dd686d09802567ceb18e83f825aec79872cd8e589388421efa69909e43cd3055f238e

  • SSDEEP

    98304:2VZtBsIuswXSFjdPDnXCZdZnpy1MUH4dIXuti9JIdGq:2VnBuIDrXudZnN32iirIdGq

Malware Config

Targets

    • Target

      Redline Stealer Builder (Modified Variant)/RedLine_Clipper_Cracked.exe

    • Size

      827KB

    • MD5

      c45dd3b001aac16046e56cc0bed3c77c

    • SHA1

      bd295f2699d32902a71b0480e0dc9b82ba6ea155

    • SHA256

      d3ccc70fe10b2804c6d7978579645b0a04a0f7ad1f15776aefadc3f635156520

    • SHA512

      bfdaf14c0f953a68948c6114014a3dfae12a6d3237b815ad2df08f48ffd90602b712d6131aab24c7c0a5ad49007ef958004291b68fe7140dc4cc8fb4fe94f9b5

    • SSDEEP

      24576:nJlh9bDuaI53gOP3NV66jrVIpM9QdAPLqLdcBW:nJq+OP3NsukXdm+Rp

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Build.exe

    • Size

      141KB

    • MD5

      1035bbf6b782b7a8819fa9bc616a9657

    • SHA1

      e24f76eeaa29637aedd374f0087492d24aca22eb

    • SHA256

      4060699be22d52cd3753fa0bb8d3147a7b14b4ee9769013f2f0ad284586911cb

    • SHA512

      fb6ca81949db5bdf70ad294d68e3af534cb5e823558ac9428712a04d68b4b7413b00e3e465ad09e0e19572c777b6de7decaf705df3394177ba5792ec274e06d9

    • SSDEEP

      3072:dK1JZOpTvVQZ+rcIeRYs6YmszJqoD2P7BpGGoMTb3R35dINX9r5Mxw:8Opu0rjeRbVJqoD61pGGoMTb3RDINN

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Target

      Redline Stealer/Libraries/Bunifu_UI_v1.52.dll

    • Size

      219KB

    • MD5

      5eca94d909f1ba4c5f3e35ac65a49076

    • SHA1

      3b9cb69510887117844464a2cc711c06f2c3bd19

    • SHA256

      de0e530d46c803d85b8aeb6d18816f1b09cb3dafefb5e19fdfa15c9f41e0f474

    • SHA512

      257a33c748dfb617a7e2892310132fd4abf4384fb09c93a8ac3f609fd91353a4f3e326124ecc63b6041ac87cf4fcc17a8bdca312e0c851acd9c7a182247066ea

    • SSDEEP

      6144:o1uzZh5rYAuBjtnkbxuzZ7Mg3i3hJtm4Fw2hHQHcHKaPUb:Ku1higb4zZR+9mcHX

    Score
    1/10
    • Target

      Redline Stealer/Libraries/GuiLib.dll

    • Size

      50KB

    • MD5

      eaf9c55793cd26f133708714ed3a5397

    • SHA1

      1818aa718498f0810199eca2b91db300dc24f902

    • SHA256

      87cfc70bec2d2a37bcd5d46f9e6f0051f82e015ff96e8f2bc2d81b85f2632f15

    • SHA512

      b793ae1155bd7be247b42c0fc1bc53e34cf69e802c0e365427322dac4b5cc68728d24255a717aaffa774b4551a6946c17106387cff4cfdb6ce638d8a4ecab4d9

    • SSDEEP

      768:CXBWBHqfkC/Wcd1V4+8dUQeEqUNVugMP26lunzWWeddVV:CXiWJ16+8dxeAVuAWWed9

    Score
    1/10
    • Target

      Redline Stealer/Libraries/MetroSet UI.dll

    • Size

      436KB

    • MD5

      f13dc3cffef729d26c4da102674561cf

    • SHA1

      5f9abff0bdf305e33b578c22dada5c87b2f6f39c

    • SHA256

      d490c04e6e89462fd46099d3454985f319f57032176c67403b3b92c86ca58bcb

    • SHA512

      aa8699c5f608a10a577cb23715f761ee28922c4778f5ea8a5ec0a184e1143689fba5a08003fd5cbf3c7dd516eac1fddc8c3f9efa1d993ba1888e87b70190c08f

    • SSDEEP

      12288:oE4n7EmAqNv8MkCvzMTlCPRSoWzz7QYaIHtMhPrYDK:oE4n7xAqN0MkCvzMTlCEoDYFH2eDK

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Mono.Cecil.Mdb.dll

    • Size

      42KB

    • MD5

      dc80f588f513d998a5df1ca415edb700

    • SHA1

      e2f0032798129e461f0d2494ae14ea7a4f106467

    • SHA256

      90cfc73befd43fc3fd876e23dcc3f5ce6e9d21d396bbb346513302e2215db8c9

    • SHA512

      1b3e57fbc10f109a43e229b5010d348e2786e12ddf48a757da771c97508f8f3891be3118ff3bb84c3fd6bfa1723c670541667cdbf2d14ea63243f6def8f038cc

    • SSDEEP

      768:Cr5EYZep98C87KHeBUZwrEF7b+gxfM3AkMus4iWJq9F4CRIcZwMRTIzyAt9U2:Cr59g98C87KHeBUbwgKirbdwMRTzAt9l

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Mono.Cecil.Pdb.dll

    • Size

      87KB

    • MD5

      6cd3ed3db95d4671b866411db4950853

    • SHA1

      528b69c35a5e36cc8d747965c9e5ea0dc40323b8

    • SHA256

      d67ebd49241041e6b6191703a90d89e68d4465adce02c595218b867df34581a3

    • SHA512

      e8ae4caf214997cc440e684a963727934741fd616a073365fa1fc213c5ca336c12e117d7fa0d6643600a820297fc11a21e4ac3c11613fba612b90ebd5fc4c07e

    • SSDEEP

      1536:fU2qJ+RazRt/Kc4oJiOxFR4NdJF0/RfhF46HAoYKHgPzpS6w7fa1C9r:s2MRtrfrR+Pe/xAiAzpQ7y1C9r

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Mono.Cecil.Rocks.dll

    • Size

      27KB

    • MD5

      c8f36848ce8f13084b355c934fc91746

    • SHA1

      8f60c2fd1f6f5b5f365500b2749dca8c845f827a

    • SHA256

      a08c040912df2a3c823ade85d62239d56abaa8f788a2684fb9d33961922687c7

    • SHA512

      7c47f96e0e7dfaebb4dccf99fa0dda64c608634e2521798fd0d4c74eb2641c848fadad29c2cd26eb9b45acdfef791752959117a59e1f0913f9092e4662075115

    • SSDEEP

      384:E0ve8JOuJTiC7n2NwxEXCnjB+RXcMeDz8PmR1ugLoaeuLMBG9UphJAprjEduFLHJ:E+meiCyrXOwS8uRssveum1peFLHFBbO

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Mono.Cecil.dll

    • Size

      337KB

    • MD5

      7546acebc5a5213dee2a5ed18d7ebc6c

    • SHA1

      b964d242c0778485322ccb3a3b7c25569c0718b7

    • SHA256

      7744c9c84c28033bc3606f4dfce2adcd6f632e2be7827893c3e2257100f1cf9e

    • SHA512

      30b3a001550dca88c8effc9e8107442560ee1f42e3d2f354cc2813ae9030bf872c76dc211fd12778385387be5937e9bf172ea00c151cab0bca77c8aafdd11f7d

    • SSDEEP

      6144:jFzzF5VOCxfiKKhsw4NiL0XRzx9WoCklyus:BdfiKI4RzWSyu

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Newtonsoft.Json.dll

    • Size

      683KB

    • MD5

      6815034209687816d8cf401877ec8133

    • SHA1

      1248142eb45eed3beb0d9a2d3b8bed5fe2569b10

    • SHA256

      7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814

    • SHA512

      3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721

    • SSDEEP

      12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc

    Score
    1/10
    • Target

      Redline Stealer/Libraries/RedLine.SharedModels.dll

    • Size

      29KB

    • MD5

      bee2969583715bfa584d073ac8d98c42

    • SHA1

      37d1221ce6bb82e7ad08fd22bd13592815a23468

    • SHA256

      5f92db78e43986f063632fb2cfafdce73e5e7e64979900783ca9a00016933375

    • SHA512

      5c139b81a51477d8362be2bf72b9f2425d54ef67b4ad715fbe8aa11f8a57435abb7f23a7ecaee18611e559d1006c0df5dd3427b6e7c3caed38d8cffd79e4bb1c

    • SSDEEP

      768:OqYS91uYM7KwU+QJDqnCz2iiMkM16dTS:OqYSqfOwTgDqnLZMn16NS

    Score
    1/10
    • Target

      Redline Stealer/Libraries/System.Drawing.Pen.dll

    • Size

      2.7MB

    • MD5

      1d4e91345a76c90e0849c9389e66fe8c

    • SHA1

      744393f64d9f95a987605ac14b721dbbc985901c

    • SHA256

      1d820d1c1e9d661603cd32177fb128c9a6844fe2492b6fbb3120bd37553663b0

    • SHA512

      e0c5fa5c9141e139d529b80058c1ff8fb252116076c57fbea106ee2500cb23d3a91b76f6348bc0bcf465acde510463352a960eefd29198f4068661342cbd28b8

    • SSDEEP

      3072:tblKLY+hugA/JMGI+3TBb3K65tKMFL6uOqKXyeHD3Q6b7cvWUevzml01xvS0yiEt:t

    Score
    1/10
    • Target

      Redline Stealer/Libraries/Vestris.ResourceLib.dll

    • Size

      76KB

    • MD5

      944ce5123c94c66a50376e7b37e3a6a6

    • SHA1

      a1936ac79c987a5ba47ca3d023f740401f73529b

    • SHA256

      7da3f0e77c4dddc82df7c16c8c781fade599b7c91e3d32eefbce215b8f06b12a

    • SHA512

      4c034ff51cc01567f3cb0796575528ca44623b864eb606266bcf955a9259ed26b20bec0086d79038158d3a5af2ada0a90f59d7c6aae9e545294fe77825dbe08b

    • SSDEEP

      1536:CSSYikTF0Z+sFGu11tIcyI1MtI9eDG3fL7:CJYD0Z9FGu11teI1r9ea3

    Score
    1/10
    • Target

      Redline Stealer/Libraries/builder.exe

    • Size

      11KB

    • MD5

      de6f68cdf350fce9be13803d84be98c4

    • SHA1

      e37ec52f68ab48344579ccbfc4d2d90d3073c808

    • SHA256

      51bbc69942823b84c2a1f0efdb9d63fb04612b223e86af8a83b4b307dd15cd24

    • SHA512

      0344b764dc0a615d5a0bbb24ba442bd857d69fd3b102f243dafc9a9ae8776f6ad98f9af2cf680effaa5807451e310232224264ce9fe1bbc4a5f826833705ee8a

    • SSDEEP

      192:z+cfd5PJQCXA7X+k6bCcEOGtti8eXyfktOOeUpyfRM:z/d5PJQCXsXk2cFGK8WyfkIOeUsfR

    Score
    1/10
    • Target

      Redline Stealer/Libraries/protobuf-net.dll

    • Size

      274KB

    • MD5

      d16fffeb71891071c1c5d9096ba03971

    • SHA1

      24c2c7a0d6c9918f037393c2a17e28a49d340df1

    • SHA256

      141b235af8ebf25d5841edee29e2dcf6297b8292a869b3966c282da960cbd14d

    • SHA512

      27fb5b77fcadbe7bd1af51f7f40d333cd12de65de12e67aaea4e5f6c0ac2a62ee65bdafb1dbc4e3c0a0b9a667b056c4c7d984b4eb1bf4b60d088848b2818d87a

    • SSDEEP

      6144:M+mGOqp3p9xOhav/ZcaiysIN5UGr8fnd0OJNGyo:JOqp3bkhUZcbyP51rACGNGyo

    Score
    1/10
    • Target

      Redline Stealer/Libraries/stub.exe

    • Size

      141KB

    • MD5

      9c44ce0cc507f539a3b6aa9c3671f092

    • SHA1

      8f2ff23438e4e3e4c19537e90688f21cbe189908

    • SHA256

      7b6c6588d3bddb06a0efbbf237cf501c027dac8bd2b82c6835e0a2c8bdfae842

    • SHA512

      d0496f88e659961cd29359e15002e32550e00897ab8c4cd7079ad928582b70ef82a0d110378cca8a8404cc3e14f7769cd68a925686a577a726101bc04d633ce3

    • SSDEEP

      3072:jJq4D2X3vAY+9ZCXDLcw9XFTb3R35dINX9r0DMi:jJq4Dog7gVdFTb3RDINN

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Target

      Redline Stealer/OpenPort.bat

    • Size

      94B

    • MD5

      cf1cc90281e28cee22dce7ed013c2678

    • SHA1

      2f213a71b76db3e51ad2d659f84dc1f3f90725fb

    • SHA256

      84399f8bccefa404e156a5351b1de75a2d5290b4fddd1754efb16401ed7218ef

    • SHA512

      2b61c1da7cc66506537719cedab82f172d2ac1af4df69513ba64507a5ed67989974f81791faf08c5855580df53f564600381be34c340b825f1f01919948921e1

    Score
    8/10
    • Target

      Redline Stealer/RedLine.MainPanel-cracked.exe

    • Size

      633KB

    • MD5

      baf102927947289e4d589028620ce291

    • SHA1

      5ade9a99a86e5558e5353afa7844229ed23bdcd5

    • SHA256

      a6d2d1ba6765e5245b0f62e37d9298e20c913c5a33912b98bd65a76fc5ab28ae

    • SHA512

      973ecb034ba18a74c85165df743d9d87168b07539c8ef1d60550171bc0a5766a10b9e6be1425aea203be45b4175694a489ea1b7837faa3b1927ca019492ccd37

    • SSDEEP

      12288:JhNkz1XpXpXpXpXpXpXpXpXpXpX7t4umBNOuihNynH91xX:J22Mnynd

    Score
    10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.