redline | f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6
Size

734KB
Sample

240727-sbm7msxgmc
MD5

6a4f6cee446f83970715939752a1e625
SHA1

3c6653f6c3a09e83589343e72f56e0fcade6a98a
SHA256

f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6
SHA512

f3891ff77889d8f1dd46c01899b458afd270202877289fdcc4edca6428df61345f2b28ecb5dacc61d9587027f766d2e4d4d9ad0c3ac1bb073a524844217726a0
SSDEEP

12288:Jo8PwEOZBYFIN47++sPBfkxkZvWe2davbz8G6rFjcvklx+JrKrUt0fxSfOsmWiCG:JnPwhYFINS++Ukxk0e2U3KZ4w0JCfxWw

Score

10^/10

redline discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6.exe

Resource

win10v2004-20240709-en

redline discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6.exe

Resource

win11-20240709-en

redline discovery infostealer

windows11-21h2-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6
- Size
  
  734KB
- MD5
  
  6a4f6cee446f83970715939752a1e625
- SHA1
  
  3c6653f6c3a09e83589343e72f56e0fcade6a98a
- SHA256
  
  f8e37fc295b0933fc3cadcc1eb9e22f2338fc8eb3ed4bc07ee17b552159ddda6
- SHA512
  
  f3891ff77889d8f1dd46c01899b458afd270202877289fdcc4edca6428df61345f2b28ecb5dacc61d9587027f766d2e4d4d9ad0c3ac1bb073a524844217726a0
- SSDEEP
  
  12288:Jo8PwEOZBYFIN47++sPBfkxkZvWe2davbz8G6rFjcvklx+JrKrUt0fxSfOsmWiCG:JnPwhYFINS++Ukxk0e2U3KZ4w0JCfxWw
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy