redline | bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336 | Triage

Submit
Reports

Overview

overview

Static

static

3

bf6e5b1ebe...36.exe

windows7-x64

bf6e5b1ebe...36.exe

windows10-2004-x64

Sharing

General

Target

bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336
Size

295KB
Sample

241110-1sm7zawcmj
MD5

238e428318a48089fee95f58891484d1
SHA1

8e4b90c5c9c558ca5f9c47bfb8a5863372bbc733
SHA256

bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336
SHA512

a56fdd0e9c178010c344061439cc1f0378870311c8965821dd384bba4ed5e73a5c1c7eb7a7419899d1b0d28b0027aff6cf69c6c2f9568da7bda59c7037f71916
SSDEEP

6144:K5M8HSslbptGYoVAAOrV+WL5Zdqm0fYGxo/YVUhVsPM:KG8HSslz5V+WBqm0fNY6P

Score

10^/10

redline 9-5 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336.exe

Resource

win7-20240729-en

redline 9-5 discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336.exe

Resource

win10v2004-20241007-en

redline 9-5 discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

9-5

C2

139.99.32.83:43199

Attributes

auth_value
637de2b47f42d9cc7912f71cb6b57b5b

Targets

- Target
  
  bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336
- Size
  
  295KB
- MD5
  
  238e428318a48089fee95f58891484d1
- SHA1
  
  8e4b90c5c9c558ca5f9c47bfb8a5863372bbc733
- SHA256
  
  bf6e5b1ebee2a8280a2363a07181bf7071c4753c1677b91d4cf76f5c2b52d336
- SHA512
  
  a56fdd0e9c178010c344061439cc1f0378870311c8965821dd384bba4ed5e73a5c1c7eb7a7419899d1b0d28b0027aff6cf69c6c2f9568da7bda59c7037f71916
- SSDEEP
  
  6144:K5M8HSslbptGYoVAAOrV+WL5Zdqm0fYGxo/YVUhVsPM:KG8HSslz5V+WBqm0fNY6P
Score

10^/10

redline 9-5 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline9-5discoveryinfostealer

behavioral2

redline9-5discoveryinfostealer

© 2018-2025

Terms | Privacy