redline | 95d412f833725a95c560bd91035297fdcc30bb07638cfc5a70cc9ee1886ac000 | Triage

Submit
Reports

Overview

overview

Static

static

3

3cfe80cbae...20.exe

windows7-x64

3cfe80cbae...20.exe

windows10-2004-x64

Sharing

General

Target

95d412f833725a95c560bd91035297fdcc30bb07638cfc5a70cc9ee1886ac000
Size

124KB
Sample

241111-csbxyazglr
MD5

f3994b9052be9f9b90bffaff0b299873
SHA1

eccc88daaa94f3fbb0861843483e11d3465fdeda
SHA256

95d412f833725a95c560bd91035297fdcc30bb07638cfc5a70cc9ee1886ac000
SHA512

7ccfc16aa9c7db2f9fbfd2b941842f8bc062316d80a926a6997fea237a8285204e1e6ffbc6dc5cbd49de0e639951aa091b57b44d690bf609e4078d0dbe10ea25
SSDEEP

3072:sq5T22fnkYHaUA/XAOAXvNKYSy04Cyk/1O014Qno9RaI:PTxVHaUAvAOiYo04Cyk/kw4QORaI

Score

10^/10

redline test discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3cfe80cbae6944a7e1a8203faec93e45d85929ea6de70e76e9b5890d0b527120.exe

Resource

win7-20241010-en

redline test discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

3cfe80cbae6944a7e1a8203faec93e45d85929ea6de70e76e9b5890d0b527120.exe

Resource

win10v2004-20241007-en

redline test discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

TEST

C2

135.181.173.163:4326

Attributes

auth_value
8a46343f547fa4ff203e369457dfd28d

Targets

- Target
  
  3cfe80cbae6944a7e1a8203faec93e45d85929ea6de70e76e9b5890d0b527120.exe
- Size
  
  1.1MB
- MD5
  
  8ae47c8391af6dab310f21335c7b3673
- SHA1
  
  8be68d84b606feaa61c03214ba2e6616bb07be3a
- SHA256
  
  3cfe80cbae6944a7e1a8203faec93e45d85929ea6de70e76e9b5890d0b527120
- SHA512
  
  4f4281691e8a040afad33c908286410c6c96e6d7468aa58eca60d2657200cc79f0c2caa83f7e1b45b092e45e78667c99c08fd2ca6a6fb7a19eb5b3a60b601e8d
- SSDEEP
  
  3072:OOqwKhYR4gXnTnFaRfUPLwRVomHud30ialfreUwkX4cJsJmJ:O5m4gwFHY0iadDwRcJsJmJ
Score

10^/10

redline test discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinetestdiscoveryinfostealer

behavioral2

redlinetestdiscoveryinfostealer

© 2018-2025

Terms | Privacy