redline | e03509d92cc897f4ba6c5d68080f43ef3bd6f0d9747505cd15ef1d75db4b9d77 | Triage

Submit
Reports

Overview

overview

Static

static

build.exe

windows10-2004-x64

Sharing

General

Target

build.exe
Size

300KB
Sample

240601-qtvnbsed35
MD5

d0fbb4491901f176b0ef3bd4ad31a0c9
SHA1

0288dc871936df948148cb8d86682aac442d9cdf
SHA256

e03509d92cc897f4ba6c5d68080f43ef3bd6f0d9747505cd15ef1d75db4b9d77
SHA512

5d1f7b8f235c948fbf009c08a54cb1750a7ffbfd38ad7889a7a03256933527a7a52cc3d79de947e8c5265344d2a9fd615f685ab4b289475e7dc45041ec0875aa
SSDEEP

3072:ScZqf7D34bp/0+mAqky4kBQIgntB1fA0PuTVAtkxzF3RkeqiOL2bBOA:ScZqf7DIFn0m1B1fA0GTV8kvML

Score

10^/10

redline 2 infostealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

build.exe

Resource

win10v2004-20240426-en

redline 2 infostealer

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

2

C2

80.143.43.131:1912

Targets

- Target
  
  build.exe
- Size
  
  300KB
- MD5
  
  d0fbb4491901f176b0ef3bd4ad31a0c9
- SHA1
  
  0288dc871936df948148cb8d86682aac442d9cdf
- SHA256
  
  e03509d92cc897f4ba6c5d68080f43ef3bd6f0d9747505cd15ef1d75db4b9d77
- SHA512
  
  5d1f7b8f235c948fbf009c08a54cb1750a7ffbfd38ad7889a7a03256933527a7a52cc3d79de947e8c5265344d2a9fd615f685ab4b289475e7dc45041ec0875aa
- SSDEEP
  
  3072:ScZqf7D34bp/0+mAqky4kBQIgntB1fA0PuTVAtkxzF3RkeqiOL2bBOA:ScZqf7DIFn0m1B1fA0GTV8kvML
Score

10^/10

redline 2 infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline2infostealer

© 2018-2025

Terms | Privacy