redline | 66c4c51ba975f96c52a816e5ce1f5e091b2f9ad3a3b5adf76da2ca529d950ba4 | Triage

Submit
Reports

Overview

overview

Static

static

3

1ab5ce1554...6N.exe

windows7-x64

1ab5ce1554...6N.exe

windows10-2004-x64

Sharing

General

Target

1ab5ce1554b33bd57fb88424fb9edaf4b1e5a1ad2208c2112b1b568b34f12646N.exe
Size

319KB
Sample

241110-3kg24azrem
MD5

ebab52d4a924bc6358c97d9a7517fdd1
SHA1

2ff49c230aa55430fd02ca0b30fca6b8b787cebd
SHA256

66c4c51ba975f96c52a816e5ce1f5e091b2f9ad3a3b5adf76da2ca529d950ba4
SHA512

7d6a73cf84a95f9ba3c1593cbdefb599383033587c50b1711fac0c489aa5780a485bdf88ce7738aadf88bf65cec103a07b3705ec27e5c481b364f526e2f64e62
SSDEEP

3072:/JQAyKmML+e45ezQbRjmepwAUDXg9n5UFTbRfu4rSpEybU7wIhilOom6le5jxW7t:pT2bRjmeb4I5UFTbRfu4+pRXMqO7Pz8F

Score

10^/10

redline rosn discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1ab5ce1554b33bd57fb88424fb9edaf4b1e5a1ad2208c2112b1b568b34f12646N.exe

Resource

win7-20241010-en

redline rosn discovery infostealer

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

1ab5ce1554b33bd57fb88424fb9edaf4b1e5a1ad2208c2112b1b568b34f12646N.exe

Resource

win10v2004-20241007-en

redline rosn discovery infostealer

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

rosn

C2

176.113.115.145:4125

Attributes

auth_value
050a19e1db4d0024b0f23b37dcf961f4

Targets

- Target
  
  1ab5ce1554b33bd57fb88424fb9edaf4b1e5a1ad2208c2112b1b568b34f12646N.exe
- Size
  
  319KB
- MD5
  
  ebab52d4a924bc6358c97d9a7517fdd1
- SHA1
  
  2ff49c230aa55430fd02ca0b30fca6b8b787cebd
- SHA256
  
  66c4c51ba975f96c52a816e5ce1f5e091b2f9ad3a3b5adf76da2ca529d950ba4
- SHA512
  
  7d6a73cf84a95f9ba3c1593cbdefb599383033587c50b1711fac0c489aa5780a485bdf88ce7738aadf88bf65cec103a07b3705ec27e5c481b364f526e2f64e62
- SSDEEP
  
  3072:/JQAyKmML+e45ezQbRjmepwAUDXg9n5UFTbRfu4rSpEybU7wIhilOom6le5jxW7t:pT2bRjmeb4I5UFTbRfu4+pRXMqO7Pz8F
Score

10^/10

redline rosn discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinerosndiscoveryinfostealer

behavioral2

redlinerosndiscoveryinfostealer

© 2018-2025

Terms | Privacy