redline | 87872c1d83f8efb4b847fbbd07f91d279fe808929c4029a7578374242376a998 | Triage

Submit
Reports

Overview

overview

Static

static

1

c3851fb811...88.exe

windows7-x64

c3851fb811...88.exe

windows10-2004-x64

Sharing

General

Target

d54982243febf2567aae29cc4e5f3e31
Size

712KB
Sample

241111-b4y16szerg
MD5

d54982243febf2567aae29cc4e5f3e31
SHA1

bc445a8830f9b189cacf25f336c1e7a2f42d7502
SHA256

87872c1d83f8efb4b847fbbd07f91d279fe808929c4029a7578374242376a998
SHA512

5783a2b5b77dcfcc5301b5439425cc3557fb839ec8d966671eb5d3cf7ee781a643bca2191f39aa57802c6f758a9e657c4b74074c679aa1cea60914331141e249
SSDEEP

12288:LCLhrucpB/w9nBZNz8fAQEYKGKqsaFEkg/F96Tox/fLH+vlKYoYSU+SJKi0tY3S3:shLaDZNbvPaS5z6Tm/fLevlKYP1+SkZN

Score

10^/10

redline discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

c3851fb8114cbbd5fa02566e4ab9a8a6e99dffef5cb408f86b2ee8b2b40fc088.exe

Resource

win7-20240729-en

redline discovery infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3851fb8114cbbd5fa02566e4ab9a8a6e99dffef5cb408f86b2ee8b2b40fc088.exe

Resource

win10v2004-20241007-en

redline discovery infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

193.124.22.4:39946

Attributes

auth_value
859e9f9940e203faa68e84f54144caf6

Targets

- Target
  
  c3851fb8114cbbd5fa02566e4ab9a8a6e99dffef5cb408f86b2ee8b2b40fc088
- Size
  
  2.5MB
- MD5
  
  ebfc28b72580ff88d9dd4b2c4645c3e9
- SHA1
  
  7495ae8d117149070e58f322e52d9e7ce8e35969
- SHA256
  
  c3851fb8114cbbd5fa02566e4ab9a8a6e99dffef5cb408f86b2ee8b2b40fc088
- SHA512
  
  9e358aa03e182fcd4cbcb132ef41468919e9ff18ea25e99f27b4448262ac8bbead05075077dc5219ef3f602444713d1351ffd2205ad9e17eea21c9412e443cfc
- SSDEEP
  
  24576:zJkg9LtuNmAiYGYoBwQWG2GMBgdQ/JW+WhgZQ53LrwanNY/vLCz8+e/ZRaMRl3RX:zWgBtuNmhzmjYrwanNY/vDRl3h
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy