redline | a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

a8f1950be0...3d.exe

windows7-x64

a8f1950be0...3d.exe

windows10-2004-x64

Sharing

General

Target

a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d
Size

425KB
Sample

241111-cdafkazgqa
MD5

d3973292b177fc13038187699f2a1649
SHA1

4fc4e6bc272734ec9945a11ee90d295f52e2308d
SHA256

a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d
SHA512

e2b321e4edc8aaa2629170673057465711f330d9e84faa86c8e12d336b307d5f4432cdd8535d6b47e56184903a1126d66d0fa078a6f91776558ec9ec82120b76
SSDEEP

6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy

Score

10^/10

redline bbtt1 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d.exe

Resource

win7-20241023-en

redline bbtt1 discovery infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d.exe

Resource

win10v2004-20241007-en

redline bbtt1 discovery infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

bbtt1

C2

212.193.30.196:13040

Attributes

auth_value
fd6c3db35926ff1b33d500d0fb0ce060

Targets

- Target
  
  a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d
- Size
  
  425KB
- MD5
  
  d3973292b177fc13038187699f2a1649
- SHA1
  
  4fc4e6bc272734ec9945a11ee90d295f52e2308d
- SHA256
  
  a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d
- SHA512
  
  e2b321e4edc8aaa2629170673057465711f330d9e84faa86c8e12d336b307d5f4432cdd8535d6b47e56184903a1126d66d0fa078a6f91776558ec9ec82120b76
- SSDEEP
  
  6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy
Score

10^/10

redline bbtt1 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinebbtt1discoveryinfostealer

behavioral2

redlinebbtt1discoveryinfostealer

© 2018-2025

Terms | Privacy