redline | b761861f7b9817ca62cf48c54f304631c90922bf8760de3724c63e4f067dd542 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

FoxGPT.exe

windows11-21h2-x64

Resubmissions

05/10/2024, 17:58

241005-wkfeyaybkl 10

Sharing

General

Target

FoxGPT.exe
Size

11.7MB
Sample

241005-wkfeyaybkl
MD5

70ae44c33f2bc89e0b1aa4c1e616579d
SHA1

996071535f9ced7df27e676a96a41c4887dd285f
SHA256

b761861f7b9817ca62cf48c54f304631c90922bf8760de3724c63e4f067dd542
SHA512

d5922b50e5a290ae9fd49270d8c68dc51e32929d9f67bef4e84a0a27f34997949eeaa5d20a353de04848dee96850a205cb44a6eaf12bc30ee37c28e49547628c
SSDEEP

196608:chgRB5tz81kUt6UxwDyIgOxJia1xR2F6+x9yfKDDGdTq1JLZcdxD:cm9O6U4yIgCJiU2DbDrJLZy

Score

10^/10

redline spotifychecker2 defense_evasion discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

FoxGPT.exe

Resource

win11-20240802-en

redline spotifychecker2 defense_evasion discovery infostealer

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SpotifyChecker2

C2

172.205.128.102:1912

Targets

- Target
  
  FoxGPT.exe
- Size
  
  11.7MB
- MD5
  
  70ae44c33f2bc89e0b1aa4c1e616579d
- SHA1
  
  996071535f9ced7df27e676a96a41c4887dd285f
- SHA256
  
  b761861f7b9817ca62cf48c54f304631c90922bf8760de3724c63e4f067dd542
- SHA512
  
  d5922b50e5a290ae9fd49270d8c68dc51e32929d9f67bef4e84a0a27f34997949eeaa5d20a353de04848dee96850a205cb44a6eaf12bc30ee37c28e49547628c
- SSDEEP
  
  196608:chgRB5tz81kUt6UxwDyIgOxJia1xR2F6+x9yfKDDGdTq1JLZcdxD:cm9O6U4yIgCJiU2DbDrJLZy
Score

10^/10

redline spotifychecker2 defense_evasion discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Executes dropped EXE
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinespotifychecker2defense_evasiondiscoveryinfostealer

© 2018-2025

Terms | Privacy