redline | 51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730 | Triage

Submit
Reports

Overview

overview

Static

static

3

51921d1390...30.exe

windows7-x64

51921d1390...30.exe

windows10-2004-x64

Sharing

General

Target

51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730
Size

248KB
Sample

241204-11dy9szjep
MD5

74b6b35627f6453d787f1c7ea3b9ec33
SHA1

a9282e204443fed6e0be28e8e2dfe7c927706428
SHA256

51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730
SHA512

da3758d999b7a593987aa8e9d708b0b3215a442dc1f3470a81f3ddc221b7875d6c9ecb1c53fce5e7ee795a20e7267d21e8fac804089bb1b65e838c0ed9530996
SSDEEP

3072:W1jGFFPBsryKxPUBnIZ/C9FUYHwKLLgQmsbVVTjC3r7wcLl2byii5DzrIlu:ug3iPUZIAFUYHDPaQVXC3xR2/iNo

Score

10^/10

redline discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730.exe

Resource

win7-20240903-en

redline discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730.exe

Resource

win10v2004-20241007-en

redline discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

135.181.173.163:4323

Attributes

auth_value
a909e2aaecf96137978fea4f86400b9b

Targets

- Target
  
  51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730
- Size
  
  248KB
- MD5
  
  74b6b35627f6453d787f1c7ea3b9ec33
- SHA1
  
  a9282e204443fed6e0be28e8e2dfe7c927706428
- SHA256
  
  51921d13908bd84b1c8fbdd77e6e29d4359ce0fc40857f6f0ad15b1b6ee74730
- SHA512
  
  da3758d999b7a593987aa8e9d708b0b3215a442dc1f3470a81f3ddc221b7875d6c9ecb1c53fce5e7ee795a20e7267d21e8fac804089bb1b65e838c0ed9530996
- SSDEEP
  
  3072:W1jGFFPBsryKxPUBnIZ/C9FUYHwKLLgQmsbVVTjC3r7wcLl2byii5DzrIlu:ug3iPUZIAFUYHDPaQVXC3xR2/iNo
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2024

Terms | Privacy