redline | f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566 | Triage

Submit
Reports

Overview

overview

Static

static

1

JaffaCakes...66.exe

windows7-x64

JaffaCakes...66.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566
Size

750.1MB
Sample

241225-ycvk1avjdx
MD5

e18a08c106153108699bfd4c8eddd250
SHA1

2ebb63566772c8fa7caab252c304342e5c72f89d
SHA256

f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566
SHA512

bfce956538f230961fd0d60a790e8c6447872f1c6144dbef6825001938b76d42cb7399d693e46ca7a366e3bc1e593fbb9d442c05535d36061d80af151d8f7118
SSDEEP

24576:e2NeoRmnEXZrpbL3reyq5MlIb8ngUqozL4QuZTdSICNIfEuQ5p3h31:e2NeoRmnEXZrpb/j7QXo/WdS

Score

10^/10

redline 639820823_99 discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566.exe

Resource

win7-20240903-en

redline 639820823_99 discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566.exe

Resource

win10v2004-20241007-en

redline 639820823_99 discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

639820823_99

C2

194.87.71.4:3431

Attributes

auth_value
59186b465ed75d9a78b750143c0dc423

Targets

- Target
  
  JaffaCakes118_f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566
- Size
  
  750.1MB
- MD5
  
  e18a08c106153108699bfd4c8eddd250
- SHA1
  
  2ebb63566772c8fa7caab252c304342e5c72f89d
- SHA256
  
  f6f7ca16cdbb499a91ee8dc15087312efc6705ce0b8ae314cc645ab2562e3566
- SHA512
  
  bfce956538f230961fd0d60a790e8c6447872f1c6144dbef6825001938b76d42cb7399d693e46ca7a366e3bc1e593fbb9d442c05535d36061d80af151d8f7118
- SSDEEP
  
  24576:e2NeoRmnEXZrpbL3reyq5MlIb8ngUqozL4QuZTdSICNIfEuQ5p3h31:e2NeoRmnEXZrpb/j7QXo/WdS
Score

10^/10

redline 639820823_99 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline639820823_99discoveryinfostealer

behavioral2

redline639820823_99discoveryinfostealer

© 2018-2025

Terms | Privacy