redline | 3160e8eeb8b613a98c0255648823590e2ef897223a6dbf4580cbc8bb3baee8df | Triage

Submit
Reports

Overview

overview

Static

static

1

JaffaCakes...60.exe

windows7-x64

JaffaCakes...60.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_a728a1f356831eab756ade05a19cb5d29f671260
Size

725.8MB
Sample

241226-wt6cqatnds
MD5

4fe9998281de99dbd71b0e85fe3af02e
SHA1

a728a1f356831eab756ade05a19cb5d29f671260
SHA256

3160e8eeb8b613a98c0255648823590e2ef897223a6dbf4580cbc8bb3baee8df
SHA512

973316f845437bd31052b609e4a99c24c4dfb9b99cb805d048b58e647b4cb99d750bcee7e55365de3dafe4996908c4207bb79815e2278bc5b72b1515bda88406
SSDEEP

12288:U8AaWnPxX/J26qeHllYRqdcXUD1sEkBw2qWJiVVhYR:U8AaWlk65llYRqdeTEkBNn

Score

10^/10

redline 1851281290_99 discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_a728a1f356831eab756ade05a19cb5d29f671260.exe

Resource

win7-20241010-en

redline 1851281290_99 discovery infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_a728a1f356831eab756ade05a19cb5d29f671260.exe

Resource

win10v2004-20241007-en

redline 1851281290_99 discovery infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

1851281290_99

C2

194.87.71.4:3431

Attributes

auth_value
e6c703f4955496a1908c64e4f8bc3bcb

Targets

- Target
  
  JaffaCakes118_a728a1f356831eab756ade05a19cb5d29f671260
- Size
  
  725.8MB
- MD5
  
  4fe9998281de99dbd71b0e85fe3af02e
- SHA1
  
  a728a1f356831eab756ade05a19cb5d29f671260
- SHA256
  
  3160e8eeb8b613a98c0255648823590e2ef897223a6dbf4580cbc8bb3baee8df
- SHA512
  
  973316f845437bd31052b609e4a99c24c4dfb9b99cb805d048b58e647b4cb99d750bcee7e55365de3dafe4996908c4207bb79815e2278bc5b72b1515bda88406
- SSDEEP
  
  12288:U8AaWnPxX/J26qeHllYRqdcXUD1sEkBw2qWJiVVhYR:U8AaWlk65llYRqdeTEkBNn
Score

10^/10

redline 1851281290_99 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline1851281290_99discoveryinfostealer

behavioral2

redline1851281290_99discoveryinfostealer

© 2018-2025

Terms | Privacy