redline | f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38 | Triage

Submit
Reports

Overview

overview

Static

static

1

JaffaCakes...38.exe

windows7-x64

JaffaCakes...38.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38
Size

740.7MB
Sample

241229-lkrsvsylep
MD5

1ef41688d18258df513ffd6cae9efff8
SHA1

c684d674b51c803dedd44b4eade1bcc1e968d702
SHA256

f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38
SHA512

0bbda315e8ae77839b9838b71da34ef44b6ac7887aff68c92b53b69fc72370c4ea34ea7d4e3678de5d8b838ccc9b83188a73586ddfc414cdfad7cff2293746fc
SSDEEP

393216:8UwOIEK84WQsykAeYnkAeYUaMImg8C0Qu:

Score

10^/10

redline 1753096510_99 discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38.exe

Resource

win7-20240903-en

redline 1753096510_99 discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38.exe

Resource

win10v2004-20241007-en

redline 1753096510_99 discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

1753096510_99

C2

mevlut.top:28786

Attributes

auth_value
a07030fe3f8bdab3b41f5eec3083470b

Targets

- Target
  
  JaffaCakes118_f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38
- Size
  
  740.7MB
- MD5
  
  1ef41688d18258df513ffd6cae9efff8
- SHA1
  
  c684d674b51c803dedd44b4eade1bcc1e968d702
- SHA256
  
  f875e7889bc9b22fed2b3ae4e1fd6fb9fcdd961d90340b9ca8acca040dbb9c38
- SHA512
  
  0bbda315e8ae77839b9838b71da34ef44b6ac7887aff68c92b53b69fc72370c4ea34ea7d4e3678de5d8b838ccc9b83188a73586ddfc414cdfad7cff2293746fc
- SSDEEP
  
  393216:8UwOIEK84WQsykAeYnkAeYUaMImg8C0Qu:
Score

10^/10

redline 1753096510_99 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline1753096510_99discoveryinfostealer

behavioral2

redline1753096510_99discoveryinfostealer

© 2018-2025

Terms | Privacy