redline | 8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf
Size

707KB
Sample

240726-dfqe8sscmq
MD5

8028eac372a280b4233b529aaf4c2130
SHA1

724bd4b840d3c0285b51ef4f41d2c6a59fe25930
SHA256

8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf
SHA512

e0a1b6405032086fbf823806dc9e9c8be61f21114a5b940c59c16bc15da5269f704e5aab80ad7d62891cc763f2a6d9ba2e7b2e1104306dd0805e1df4e6156704
SSDEEP

12288:cg7AIDQUi379dhSmITfn6bKVfUWB0ba0rgzjGa7uTNv257uFDrr5:cKBDQr3pdhkL6bKVMW6ha7aNvGyFDrF

Score

10^/10

redline discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf.exe

Resource

win10v2004-20240709-en

redline discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf.exe

Resource

win11-20240709-en

redline discovery infostealer

windows11-21h2-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf
- Size
  
  707KB
- MD5
  
  8028eac372a280b4233b529aaf4c2130
- SHA1
  
  724bd4b840d3c0285b51ef4f41d2c6a59fe25930
- SHA256
  
  8c21ce25425296e84d2a6f591d80ba7e308672d0da43dfd8ce96c8a2e00f8adf
- SHA512
  
  e0a1b6405032086fbf823806dc9e9c8be61f21114a5b940c59c16bc15da5269f704e5aab80ad7d62891cc763f2a6d9ba2e7b2e1104306dd0805e1df4e6156704
- SSDEEP
  
  12288:cg7AIDQUi379dhSmITfn6bKVfUWB0ba0rgzjGa7uTNv257uFDrr5:cKBDQr3pdhkL6bKVMW6ha7aNvGyFDrF
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy