redline | 5c5793584de424bb7334892e62eac6a333fa52e38cdef4827fa0f451e8801693 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...a1.exe

windows7-x64

JaffaCakes...a1.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_41bf6c2ff5e629dc13cd35c9bb4749a1
Size

4.6MB
Sample

250106-3ygcqawlap
MD5

41bf6c2ff5e629dc13cd35c9bb4749a1
SHA1

10cc28af90546bec4274c9ae38b0125d18177648
SHA256

5c5793584de424bb7334892e62eac6a333fa52e38cdef4827fa0f451e8801693
SHA512

cf3a5324c41a1668777669df0de10783100184d3cfcc3c09d80a683b24e53bf0413ad041c1968568cebb0ebe311759cee74b8c6545de5e0a10eb4167ebd5a0c1
SSDEEP

98304:LLYAOeGOR1UrfOMLFsIQhlFp7CNFHKNLBce/lLOscI5TD:f7Ur/LufhlH7CNFqnXNLO7sTD

Score

10^/10

redline @pukpukich discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_41bf6c2ff5e629dc13cd35c9bb4749a1.exe

Resource

win7-20241010-en

redline @pukpukich discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_41bf6c2ff5e629dc13cd35c9bb4749a1.exe

Resource

win10v2004-20241007-en

redline @pukpukich discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@PUKPUKich

C2

185.209.22.181:29234

Attributes

auth_value
5a0918bd3e8ede8e02c8dd9d106a996d

Targets

- Target
  
  JaffaCakes118_41bf6c2ff5e629dc13cd35c9bb4749a1
- Size
  
  4.6MB
- MD5
  
  41bf6c2ff5e629dc13cd35c9bb4749a1
- SHA1
  
  10cc28af90546bec4274c9ae38b0125d18177648
- SHA256
  
  5c5793584de424bb7334892e62eac6a333fa52e38cdef4827fa0f451e8801693
- SHA512
  
  cf3a5324c41a1668777669df0de10783100184d3cfcc3c09d80a683b24e53bf0413ad041c1968568cebb0ebe311759cee74b8c6545de5e0a10eb4167ebd5a0c1
- SSDEEP
  
  98304:LLYAOeGOR1UrfOMLFsIQhlFp7CNFHKNLBce/lLOscI5TD:f7Ur/LufhlH7CNFqnXNLO7sTD
Score

10^/10

redline @pukpukich discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@pukpukichdiscoveryinfostealer

behavioral2

redline@pukpukichdiscoveryinfostealer

© 2018-2025

Terms | Privacy