redline | a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed | Triage

Submit
Reports

Overview

overview

Static

static

1

a58e1ca086...ed.exe

windows7-x64

a58e1ca086...ed.exe

windows10-2004-x64

Sharing

General

Target

a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed
Size

2.3MB
Sample

241110-zxntmavhpg
MD5

471cd843cafd0c683fcf443938ea57fc
SHA1

7c0dd2817b7e9fcadea4f50fbf55027fe02b9dbf
SHA256

a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed
SHA512

8eb74441904e8f260d95690684e1f82ace12c173a044a3ee12b1e4e0e0822b817ae11f7b19f991e4fdc97a3d592abea3de4e3aaff92bbaf1630a20161f88347f
SSDEEP

24576:0AN0mRQJEjZr7E/TO/oxm0lTsQ6dabP6Xxf8ZgOfBdSHuQ5p3h3T3:0AN0mRQJEjZr7c+jC5bP6XB8ZgGU

Score

10^/10

redline inst bot usa discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed.exe

Resource

win7-20240903-en

redline inst bot usa discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed.exe

Resource

win10v2004-20241007-en

redline inst bot usa discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

inst bot usa

C2

185.215.113.74:21098

Attributes

auth_value
899dc7b7d3f657473afed493a701bbbc

Targets

- Target
  
  a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed
- Size
  
  2.3MB
- MD5
  
  471cd843cafd0c683fcf443938ea57fc
- SHA1
  
  7c0dd2817b7e9fcadea4f50fbf55027fe02b9dbf
- SHA256
  
  a58e1ca08662224133a588340c92977a0c8e449287fc66ee24c962cbfadcd2ed
- SHA512
  
  8eb74441904e8f260d95690684e1f82ace12c173a044a3ee12b1e4e0e0822b817ae11f7b19f991e4fdc97a3d592abea3de4e3aaff92bbaf1630a20161f88347f
- SSDEEP
  
  24576:0AN0mRQJEjZr7E/TO/oxm0lTsQ6dabP6Xxf8ZgOfBdSHuQ5p3h3T3:0AN0mRQJEjZr7c+jC5bP6XB8ZgGU
Score

10^/10

redline inst bot usa discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlineinst bot usadiscoveryinfostealer

behavioral2

redlineinst bot usadiscoveryinfostealer

© 2018-2025

Terms | Privacy