redline | b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f | Triage

Submit
Reports

Overview

overview

Static

static

3

b7a46b6c3f...7f.exe

windows7-x64

b7a46b6c3f...7f.exe

windows10-2004-x64

Sharing

General

Target

b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f
Size

396KB
Sample

241201-yexs5svjfl
MD5

8c3e7b6b72018052253153eeac5d10a2
SHA1

e71b4799ace996616f042f3ee5d6d32418f8c687
SHA256

b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f
SHA512

b0d48769f4db4eb4db9c5302ed6fc753cca5b0fa4f88e55345077a92092b8af71e92ce5d69608d05cc4cbf9ee566661035314ae0df9fd18332ab9df6f3c479da
SSDEEP

6144:vK4zpQJTuer7D8PX6Jzgw61RKjWMw376FZKWAlBCqf670vb06WgGZqb5loqQr:vPXuD8PX261RKuc4UqfwD6zMqU

Score

10^/10

redline work28.7 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f.exe

Resource

win7-20241023-en

redline work28.7 discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f.exe

Resource

win10v2004-20241007-en

redline work28.7 discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

work28.7

C2

194.33.191.102:21751

Targets

- Target
  
  b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f
- Size
  
  396KB
- MD5
  
  8c3e7b6b72018052253153eeac5d10a2
- SHA1
  
  e71b4799ace996616f042f3ee5d6d32418f8c687
- SHA256
  
  b7a46b6c3fd98866134d8a5831a82b7444c0c2d5fe6692adfab92051e3541c7f
- SHA512
  
  b0d48769f4db4eb4db9c5302ed6fc753cca5b0fa4f88e55345077a92092b8af71e92ce5d69608d05cc4cbf9ee566661035314ae0df9fd18332ab9df6f3c479da
- SSDEEP
  
  6144:vK4zpQJTuer7D8PX6Jzgw61RKjWMw376FZKWAlBCqf670vb06WgGZqb5loqQr:vPXuD8PX261RKuc4UqfwD6zMqU
Score

10^/10

redline work28.7 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinework28.7discoveryinfostealer

behavioral2

redlinework28.7discoveryinfostealer

© 2018-2025

Terms | Privacy