redline | 46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e | Triage

Submit
Reports

Overview

overview

Static

static

3

46cedac70b...4e.exe

windows7-x64

46cedac70b...4e.exe

windows10-2004-x64

Sharing

General

Target

46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e
Size

582KB
Sample

241110-13blxswhqe
MD5

4bcc93e5c6fa49832138d828c0591609
SHA1

c862f8e0d754a2b3c2369f01355d2c9db7566289
SHA256

46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e
SHA512

f43a19959a486e16bce65a5cb8d755e10a7bbaf566cfe2d38bca78023e2c7d669d67424a69c8d2fad5ee6f712a5f4da61485fd4370f7eebfa195e8113bf1720e
SSDEEP

12288:8LDfczWW/AgKv/wrpnGk6lfSPMn2nOwZDfPFb/Xj:8ffiKSMXlq0wtBDXj

Score

10^/10

redline gena discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e.exe

Resource

win7-20240903-en

redline gena discovery infostealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e.exe

Resource

win10v2004-20241007-en

redline gena discovery infostealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

gena

C2

185.161.248.73:4164

Attributes

auth_value
d05bf43eef533e262271449829751d07

Targets

- Target
  
  46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e
- Size
  
  582KB
- MD5
  
  4bcc93e5c6fa49832138d828c0591609
- SHA1
  
  c862f8e0d754a2b3c2369f01355d2c9db7566289
- SHA256
  
  46cedac70b622d956b42016ffc41740a8e4adac188c94270c46961a7732b094e
- SHA512
  
  f43a19959a486e16bce65a5cb8d755e10a7bbaf566cfe2d38bca78023e2c7d669d67424a69c8d2fad5ee6f712a5f4da61485fd4370f7eebfa195e8113bf1720e
- SSDEEP
  
  12288:8LDfczWW/AgKv/wrpnGk6lfSPMn2nOwZDfPFb/Xj:8ffiKSMXlq0wtBDXj
Score

10^/10

redline gena discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinegenadiscoveryinfostealer

behavioral2

redlinegenadiscoveryinfostealer

© 2018-2025

Terms | Privacy