redline | 1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...7f.exe

windows7-x64

JaffaCakes...7f.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f
Size

848.4MB
Sample

241225-thcj6axqep
MD5

958b433194ee34769ca0f41199816247
SHA1

4aefeecd0cec662f990763ea9bd725dfdd26d116
SHA256

1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f
SHA512

a9956c90d3505a5da81a82c5a58fc2e4be2ed5baaafdd74de4a712e6b5fc21eeaf60eab0ef8155d3e0b3bd0ef865fd9745c265a99e320553e629a1d01e51c58a
SSDEEP

12288:SDlEtGp/N7yKB9UyTLrY1XzBlflu2qwV6eyJGAJXhmq/8Z:4GGp/LrYdfxV6T

Score

10^/10

redline discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f.exe

Resource

win7-20240903-en

redline discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f.exe

Resource

win10v2004-20241007-en

redline discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

95.216.94.138:4328

Attributes

auth_value
a909e2aaecf96137978fea4f86400b9b

Targets

- Target
  
  JaffaCakes118_1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f
- Size
  
  848.4MB
- MD5
  
  958b433194ee34769ca0f41199816247
- SHA1
  
  4aefeecd0cec662f990763ea9bd725dfdd26d116
- SHA256
  
  1a7167a869f1dd6d76993554473ac034a3d2fd0348f6e3af7dfb8ef4b08efc7f
- SHA512
  
  a9956c90d3505a5da81a82c5a58fc2e4be2ed5baaafdd74de4a712e6b5fc21eeaf60eab0ef8155d3e0b3bd0ef865fd9745c265a99e320553e629a1d01e51c58a
- SSDEEP
  
  12288:SDlEtGp/N7yKB9UyTLrY1XzBlflu2qwV6eyJGAJXhmq/8Z:4GGp/LrYdfxV6T
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy