redline | 983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

983386c403...cd.exe

windows7-x64

983386c403...cd.exe

windows10-2004-x64

Sharing

General

Target

983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd
Size

383KB
Sample

241111-dgjdbavkhp
MD5

0c6c559ba1d9b2e37778e84df22307f4
SHA1

8e959229bd834447fbd62a314f081de932638be6
SHA256

983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd
SHA512

9ff0c01e23f97f511610f5b991fa9684e3a2fc934141b63c3ced42991e7ed4e4e644181e6db55ba980731295c1510b21cc0423415ccf5eea6e75149b9d37f92a
SSDEEP

6144:ANaJ3TPjifAJdT1HhGB35wOx6irIvIG6PDdmXb7ITsqXigaXwVfZ:+eTbMAJdxsXx6Dv4dk7R

Score

10^/10

redline 1 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd.exe

Resource

win7-20240903-en

redline 1 discovery infostealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd.exe

Resource

win10v2004-20241007-en

redline 1 discovery infostealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

1

C2

45.9.20.59:46287

Attributes

auth_value
ec6ada170bcec2e72f0e1f3954547f73

Targets

- Target
  
  983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd
- Size
  
  383KB
- MD5
  
  0c6c559ba1d9b2e37778e84df22307f4
- SHA1
  
  8e959229bd834447fbd62a314f081de932638be6
- SHA256
  
  983386c4033951a70166b60d2313fd72f6ccfd52d3f3078bb2eb36fc327dfacd
- SHA512
  
  9ff0c01e23f97f511610f5b991fa9684e3a2fc934141b63c3ced42991e7ed4e4e644181e6db55ba980731295c1510b21cc0423415ccf5eea6e75149b9d37f92a
- SSDEEP
  
  6144:ANaJ3TPjifAJdT1HhGB35wOx6irIvIG6PDdmXb7ITsqXigaXwVfZ:+eTbMAJdxsXx6Dv4dk7R
Score

10^/10

redline 1 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline1discoveryinfostealer

behavioral2

redline1discoveryinfostealer

© 2018-2025

Terms | Privacy