redline

Resubmissions

02-01-2025 07:19

250102-h5tw6szqcs 10

Sharing

Copy URL

Twitter E-mail

General

Target

https://github.com/dzhizzus/Valorant-Hack
Sample

250102-h5tw6szqcs

Score

10^/10

Malware Config

Extracted

Family

redline

192.36.41.140:1914

Attributes

auth_value
0f1335daba5ac306ad1c24b06755b6e9

Targets

- Target
  
  https://github.com/dzhizzus/Valorant-Hack
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

RedLine payload

Redline family

Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

urlscan1

behavioral1