redline | 0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357 | Triage

Submit
Reports

Overview

overview

Static

static

3

0b2820a5f6...7N.exe

windows7-x64

0b2820a5f6...7N.exe

windows10-2004-x64

Sharing

General

Target

0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357N.exe
Size

904KB
Sample

241226-txmzfazqfx
MD5

4a0f06f0e089849f0e93563bdd1dd520
SHA1

0e57a4a1ee51d876b2ee039222c58bc6cb9a976e
SHA256

0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357
SHA512

38c8a72aab47188a64a2d4bad91372766a48758ba2b45ac8a238c6390e66861b2c8b41de3d11452c233f5850defb7df0882bc944530302b579c03059f74fbe47
SSDEEP

12288:L5JAhP+GQaRKCI19VcH03kiBkqiNRBrDdWZJb2xFKBLnssz4p5m7UC4gWjZnGLxR:L5J7ERKe0rBkzbqh3

Score

10^/10

redline joana discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357N.exe

Resource

win7-20240903-en

redline joana discovery infostealer

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357N.exe

Resource

win10v2004-20241007-en

redline joana discovery infostealer

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

joana

C2

185.161.248.75:4132

Attributes

auth_value
85090ed112d639bb782481da2912487a

Targets

- Target
  
  0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357N.exe
- Size
  
  904KB
- MD5
  
  4a0f06f0e089849f0e93563bdd1dd520
- SHA1
  
  0e57a4a1ee51d876b2ee039222c58bc6cb9a976e
- SHA256
  
  0b2820a5f6d460c09afa1fce2667d4e89d8996af73c6be0967983e9f4b57b357
- SHA512
  
  38c8a72aab47188a64a2d4bad91372766a48758ba2b45ac8a238c6390e66861b2c8b41de3d11452c233f5850defb7df0882bc944530302b579c03059f74fbe47
- SSDEEP
  
  12288:L5JAhP+GQaRKCI19VcH03kiBkqiNRBrDdWZJb2xFKBLnssz4p5m7UC4gWjZnGLxR:L5J7ERKe0rBkzbqh3
Score

10^/10

redline joana discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinejoanadiscoveryinfostealer

behavioral2

redlinejoanadiscoveryinfostealer

© 2018-2025

Terms | Privacy