redline | c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce | Triage

Submit
Reports

Overview

overview

Static

static

1

c36f28dad2...ce.exe

windows7-x64

c36f28dad2...ce.exe

windows10-2004-x64

Sharing

General

Target

c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce
Size

1.5MB
Sample

241111-ankceaydqb
MD5

768341bd96bd247c9cae7b64465a0565
SHA1

08e53e5b937fb50450cdf5702ac77b67ae44f7d3
SHA256

c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce
SHA512

c6b765dfc5f5f036b938cfb7a9f54249ac7d9df06e6a2be9e0f557957bd71a0d5037084b65627f339fa7429dd75d8e969c33ed8018920e45546bedbe49c2c938
SSDEEP

49152:GepqOoiOwl21pdaL+EgwyI9KsgIPf4GjhE:5qZiOE21q9bPf4GdE

Score

10^/10

redline subzero discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce.exe

Resource

win7-20240903-en

redline subzero discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce.exe

Resource

win10v2004-20241007-en

redline subzero discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SUBZERO

C2

185.215.113.217:19618

Attributes

auth_value
019ff2a82025cde517e4466362191205

Targets

- Target
  
  c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce
- Size
  
  1.5MB
- MD5
  
  768341bd96bd247c9cae7b64465a0565
- SHA1
  
  08e53e5b937fb50450cdf5702ac77b67ae44f7d3
- SHA256
  
  c36f28dad2c639507041650dbaae43ada71d3fae6dd9bbb21957360daba132ce
- SHA512
  
  c6b765dfc5f5f036b938cfb7a9f54249ac7d9df06e6a2be9e0f557957bd71a0d5037084b65627f339fa7429dd75d8e969c33ed8018920e45546bedbe49c2c938
- SSDEEP
  
  49152:GepqOoiOwl21pdaL+EgwyI9KsgIPf4GjhE:5qZiOE21q9bPf4GdE
Score

10^/10

redline subzero discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinesubzerodiscoveryinfostealer

behavioral2

redlinesubzerodiscoveryinfostealer

© 2018-2025

Terms | Privacy