redline | 993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...45.exe

windows7-x64

JaffaCakes...45.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645
Size

820.2MB
Sample

241230-2ndcmssldm
MD5

11ba9acca050c939b7ce6249b11cf5be
SHA1

d4d9f78adcabc783b9ec6a60a54ae05796255582
SHA256

993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645
SHA512

104677b1ce5ab224a4de053a6e15b5593fd86f2e098a9e72ba06d8be583b619d079861e5252774239188db1a5d4ce2a00a52a484966dc7b6eac7bdec53a125f9
SSDEEP

196608:wDdSapsb2FYXSRUTuNAPqZcrG1IniBEj+9wf6JM7w:wp

Score

10^/10

redline @ken0zz discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645.exe

Resource

win7-20241010-en

redline @ken0zz discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645.exe

Resource

win10v2004-20241007-en

redline @ken0zz discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@Ken0zz

C2

176.113.115.24:37118

Attributes

auth_value
68c1f253de2c438189ebe30588f5cf60

Targets

- Target
  
  JaffaCakes118_993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645
- Size
  
  820.2MB
- MD5
  
  11ba9acca050c939b7ce6249b11cf5be
- SHA1
  
  d4d9f78adcabc783b9ec6a60a54ae05796255582
- SHA256
  
  993a7a8d6dc703d3d1fe8c2c65dfb79a510423c203e32d22ff2ac3cd10822645
- SHA512
  
  104677b1ce5ab224a4de053a6e15b5593fd86f2e098a9e72ba06d8be583b619d079861e5252774239188db1a5d4ce2a00a52a484966dc7b6eac7bdec53a125f9
- SSDEEP
  
  196608:wDdSapsb2FYXSRUTuNAPqZcrG1IniBEj+9wf6JM7w:wp
Score

10^/10

redline @ken0zz discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@ken0zzdiscoveryinfostealer

behavioral2

redline@ken0zzdiscoveryinfostealer

© 2018-2025

Terms | Privacy