General
-
Target
Redline_Stealer_v30.32.rar
-
Size
35.9MB
-
Sample
241218-lk1qrstkcs
-
MD5
83b7d7b372b0301530afa139e0ea789e
-
SHA1
2a70ea95310abe1cf460bbc9d24d1f559f9e5427
-
SHA256
f769860a072bb26c3b311405c9549264362927ed2062553568261cbe3ae601f5
-
SHA512
ed915cc76f34ff41067fb432b87f9d6f31237d665aeb8c24d38d429e97cdaca06657278425713a0ef14ad284cf649efe13e9fa1d9dfe208f44aea179ac37ca17
-
SSDEEP
786432:FGr+WC2v+ET23NUNjL/T+Z78LfNMpW3W++f1:4rv+EIUNjogNwW3W++f1
Behavioral task
behavioral1
Sample
Redline Stealer v30.32/Panel/Bunifu_UI_v1.52.dll
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
Redline Stealer v30.32/Panel/Bunifu_UI_v1.52.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Redline Stealer v30.32/Panel/Common.Logging.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Redline Stealer v30.32/Panel/Common.Logging.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Redline Stealer v30.32/Panel/GuiLib.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Redline Stealer v30.32/Panel/GuiLib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Redline Stealer v30.32/Panel/IPLocator.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
Redline Stealer v30.32/Panel/IPLocator.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Redline Stealer v30.32/Panel/MetroSet UI.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Redline Stealer v30.32/Panel/MetroSet UI.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Redline Stealer v30.32/Panel/Microsoft.Bcl.AsyncInterfaces.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
Redline Stealer v30.32/Panel/Microsoft.Bcl.AsyncInterfaces.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Redline Stealer v30.32/Panel/NHttp.dll
Resource
win7-20241023-en
Behavioral task
behavioral14
Sample
Redline Stealer v30.32/Panel/NHttp.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Redline Stealer v30.32/Panel/Newtonsoft.Json.Schema.dll
Resource
win7-20241010-en
Behavioral task
behavioral16
Sample
Redline Stealer v30.32/Panel/Newtonsoft.Json.Schema.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Redline Stealer v30.32/Panel/Newtonsoft.Json.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
Redline Stealer v30.32/Panel/Newtonsoft.Json.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Redline Stealer v30.32/Panel/Panel.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
Redline Stealer v30.32/Panel/Panel.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Redline Stealer v30.32/Panel/Pluralsight.Crypto.dll
Resource
win7-20241010-en
Behavioral task
behavioral22
Sample
Redline Stealer v30.32/Panel/Pluralsight.Crypto.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Redline Stealer v30.32/Panel/RestSharp.dll
Resource
win7-20240708-en
Behavioral task
behavioral24
Sample
Redline Stealer v30.32/Panel/RestSharp.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Redline Stealer v30.32/Panel/System.Buffers.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
Redline Stealer v30.32/Panel/System.Buffers.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Redline Stealer v30.32/Panel/System.Memory.dll
Resource
win7-20241023-en
Behavioral task
behavioral28
Sample
Redline Stealer v30.32/Panel/System.Memory.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
Redline Stealer v30.32/Panel/System.Net.Http.Formatting.dll
Resource
win7-20241010-en
Behavioral task
behavioral30
Sample
Redline Stealer v30.32/Panel/System.Net.Http.Formatting.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Redline Stealer v30.32/Panel/System.Numerics.Vectors.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Redline Stealer v30.32/Panel/System.Numerics.Vectors.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Redline Stealer v30.32/Panel/Bunifu_UI_v1.52.dll
-
Size
219KB
-
MD5
5eca94d909f1ba4c5f3e35ac65a49076
-
SHA1
3b9cb69510887117844464a2cc711c06f2c3bd19
-
SHA256
de0e530d46c803d85b8aeb6d18816f1b09cb3dafefb5e19fdfa15c9f41e0f474
-
SHA512
257a33c748dfb617a7e2892310132fd4abf4384fb09c93a8ac3f609fd91353a4f3e326124ecc63b6041ac87cf4fcc17a8bdca312e0c851acd9c7a182247066ea
-
SSDEEP
6144:o1uzZh5rYAuBjtnkbxuzZ7Mg3i3hJtm4Fw2hHQHcHKaPUb:Ku1higb4zZR+9mcHX
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/Common.Logging.dll
-
Size
53KB
-
MD5
5193ac7470f5cd288cadf0fce4ea59a9
-
SHA1
b78f0ee86edd04a5c1709c494cb55a99d6f852e8
-
SHA256
cb2540e1087935ba8e859832bebc1e70985fa01de26344a86a7bacf9cdfd19c5
-
SHA512
20bdd0ff66d3dc49a9d0634e916bb6bf00fef600c0aa35956bcf8609b159332f53bfc23cd9794022352b6679c24dd0c4029b9c7d58636de054316a5afe4a88b1
-
SSDEEP
768:vwVPM/z+bsVvMq55kjb7Ar+n4KNmQ8MtJLr51:KZsS+5k/7G+wQ9tJLr51
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/GuiLib.dll
-
Size
50KB
-
MD5
42d66964ee6b3aa7710f07803f2e9565
-
SHA1
1af7fdf8b45f0003810c3b0c13e982c5c865d557
-
SHA256
05e0e8394154edf4366d6af144934a7014a0ad06f571dfd1e132d7099c8118e9
-
SHA512
311cd9febd10db76e101a059410ddc4af35916ac88dda0719dd5e4f2473bcc8485161da576f9512f73716258e19f53b61515875ad0c590d1c8854ccfb525d8eb
-
SSDEEP
768:pXBWBHqfkC/Wcd1V4+8dUQeEqUNVugUP26lunfWWeddVm:pXiWJ16+8dxeAVuwWWede
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/IPLocator.dll
-
Size
34KB
-
MD5
c8b0ac355a4eccd2390775fd4f2f72bc
-
SHA1
a56a296cf3a9b82a02db244a4112954b2f79f59e
-
SHA256
0d1dc8a4030f457fd6323b3646f1ad8e062e2afb17845a6ffa29795dc618bb4d
-
SHA512
73e5dc0f863ce8f17bdc9166cdae0b35f115c1f4cc247be0c07d8dd2e8dba19c24827ce1989136247732cd28380b89eb843d736f67f93304bce7adf546558621
-
SSDEEP
768:cqLW5vmCg+LWsFma0oqipv6iGl4A+wwZbgcLTnEeZAyYrdRA8/GRrN:cqLWpjWsFRtTpZzA+BgyTEeiTh2
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/MetroSet UI.dll
-
Size
436KB
-
MD5
5aeea45913eb8475077a9547d7d3f2f3
-
SHA1
09931075a4fdffe7b051df6d3bc5b4a0bacdf019
-
SHA256
ef2a67849fbe0f1c99263bf0acfddf15a1b3668e49fd9d35868e147d8a4c8c73
-
SHA512
3f3ba1d117784aca8d6abfe84e9275da425fd23982aa1ce9af760a9e5d7cd5e9dc2e36a36cc6e190cb91e8b2c8888881cfd8feeb85c3249185d61273a1a1e0ff
-
SSDEEP
12288:EE4n7EmAqNv8MkCvzMTlCPRSoWzz7QYaIHUMhPrYDK:EE4n7xAqN0MkCvzMTlCEoDYFHZeDK
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/Microsoft.Bcl.AsyncInterfaces.dll
-
Size
26KB
-
MD5
970b6e6478ae3ab699f277d77de0cd19
-
SHA1
5475cb28998d419b4714343ffa9511ff46322ac2
-
SHA256
5dc372a10f345b1f00ec6a8fa1a2ce569f7e5d63e4f1f8631be367e46bfa34f4
-
SHA512
f3ad2088c5d3fcb770c6d8212650eed95507e107a34f9468ca9db99defd8838443a95e0b59a5a6cb65a18ebbc529110c5348513a321b44223f537096c6d7d6e0
-
SSDEEP
768:DulwnBhYlTVv2wK5idcgF4of1n6K9zUYJ:ywHYFtKYdcg/f1nXzUYJ
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/NHttp.dll
-
Size
57KB
-
MD5
119a2ff3c42750b76773505f237e47e6
-
SHA1
f49951c8aacece37d820c51919c44f77d3e56a9d
-
SHA256
c0433ee6583ccda71b3b59593b21242dfa62c0212f71fd78b4349728863e89f1
-
SHA512
2d12f462121c5e473898a33feafc185a63161eea1128940d9a7bc2ce33ddd7bf3bdc93a6d81d46060084a4fb619d75ff858fc5689443e15328b178b37432c4a9
-
SSDEEP
768:gMmEsXlFXebhEuWvbeS5CByD1G9lJ843s6oDuFYJKdMk3ys6VJBaJ1+VKK:gdE2AuC4SKG9lJdBoOdZ3YVJBaXcKK
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/Newtonsoft.Json.Schema.dll
-
Size
208KB
-
MD5
260a18bcc6d697d5c9f42299f2f34195
-
SHA1
de566fe1aa6d98310ddfa9d0773d1bdf47675c37
-
SHA256
b3cc57a64a89017c294927d93a24d10e5863287cdf32bd0f173386d3caebf5a8
-
SHA512
0451e2027ce21d1e7ed5267917b49c27f1e264ef58512d489da5d4359b62ceb7971ab2adec569a0626d9bcdeeae1f1f4744b5d0c8e1158a2af70c1e03d2cae29
-
SSDEEP
6144:PvT7+4dA4e7+wnOwCRv7S8sjs4pcw0KZ:nT7+4u4e7hOwvs4p
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/Newtonsoft.Json.dll
-
Size
683KB
-
MD5
6815034209687816d8cf401877ec8133
-
SHA1
1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
-
SHA256
7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
-
SHA512
3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
-
SSDEEP
12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/Panel.exe
-
Size
12.1MB
-
MD5
85afedf22ca7d0561be4443e854459a7
-
SHA1
1fec08de68672a302f0df40ff30b22cee4d18057
-
SHA256
130a2379f8f07cec2cd9935bdf67bfcfbb977327f89f017dc16f19efc871d864
-
SHA512
e5229c4e67bc7d4ef8b53c94cfd017833797ecb52a93d71e9770ae50aaaa8e3e6c9b6433389f85255c2fe92bf94bdf1f6d1c49a01ac0809d7c8ccdb8c07dce03
-
SSDEEP
393216:+A+bVvdvbtsjjBbns3JX08gNghF5tAVsQsaBMvBVvrsV4ojavjdTbvosw+z6VVq1:+A+bVvdvbtsjjBbns3JX08gNghF5tAV8
-
Score
7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
Redline Stealer v30.32/Panel/Pluralsight.Crypto.dll
-
Size
45KB
-
MD5
4ae6096005c37982c8b0c7b465d88da5
-
SHA1
93486afd78d1dba82722bee3ff7661e4740b9f05
-
SHA256
e3e598d322d72e6b717f6753d02d8f98a5436e884adbc0cc383e7a39a3c35b04
-
SHA512
86b52ab17120ec7c2941b7598c2b90ed8bce6f4c11a5c3e6e026c60f976ed58b042a8495c16f2a6a4dee8463da788a90ff6008069a133f566862afcc8ab65642
-
SSDEEP
768:nkwGNy7QxrBNTEpN+efDLMJQWv+3txn29FRTIQNqMQbQLnBYB+0Mp9E+8iROAzN:nkw8KfnMJT+7n2/R0qxrBYU0MQ+8iAA5
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/RestSharp.dll
-
Size
187KB
-
MD5
6122f53b28d172d5711b79427d89b409
-
SHA1
6bde48731f89b3bbbde7614898638a4f33121114
-
SHA256
676e00e8f81b6c25e122277d55a56d28924a4cc304f160ad1dfb803e8d2ea594
-
SHA512
a9e6d2bd3b62a7b37f7a0aa241f057e8266ed836b3df92ab4dc9d7ae7a9e928bd468d7d8e88e7ba1ca04ca443a0a552ca6419cea69cc3f9b3f2c7e7f7899a4b9
-
SSDEEP
3072:bcDieefd3nF+GhIVE+mvJOUc6XM42SuYA6qIGqskUi2m7FktfLJ19D:mq9nF+GmVBmQUt2Su2jGqskF
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/System.Buffers.dll
-
Size
20KB
-
MD5
ecdfe8ede869d2ccc6bf99981ea96400
-
SHA1
2f410a0396bc148ed533ad49b6415fb58dd4d641
-
SHA256
accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb
-
SHA512
5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741
-
SSDEEP
384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/System.Memory.dll
-
Size
138KB
-
MD5
f09441a1ee47fb3e6571a3a448e05baf
-
SHA1
3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde
-
SHA256
bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f
-
SHA512
0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6
-
SSDEEP
3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/System.Net.Http.Formatting.dll
-
Size
174KB
-
MD5
b676d5e9828d6010339743f236f54ec4
-
SHA1
0dff461be2e04ebf6da5f4f2d3eb639cc2e0a8b5
-
SHA256
7b58adc6e23b24cd6615b35e848a002bda053a26d48f9ddafacfc8098e97c49c
-
SHA512
cca0ed47b391b12f44716db1921314e7dcbf2a9f6b0916c78642b4aa814825c570569b103a7f5e298e9c02dbae22e7cb905f08f80f94ad6dcb69fe09085cd8a8
-
SSDEEP
3072:BXWun8Jw8fCk/Dvf5eso7DpGbG8pwp2xuRLYs8ZS:BXWu8Jw4L/D3UVVGbGbMS
-
Score
1/10
-
-
Target
Redline Stealer v30.32/Panel/System.Numerics.Vectors.dll
-
Size
113KB
-
MD5
aaa2cbf14e06e9d3586d8a4ed455db33
-
SHA1
3d216458740ad5cb05bc5f7c3491cde44a1e5df0
-
SHA256
1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
-
SHA512
0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
-
SSDEEP
1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
-
Score
1/10