redline | dae95b7f7a65f6dd5c46a91861163a872ef10d1f217a6315093c77cca3cf6212 | Triage

Submit
Reports

Overview

overview

Static

static

1

JaffaCakes...cb.exe

windows7-x64

JaffaCakes...cb.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_11820dd99886c43259615084cb25d5cb
Size

517KB
Sample

250106-gb57nsxngy
MD5

11820dd99886c43259615084cb25d5cb
SHA1

ba7740487a3bb2f8bd3782a485664459da836cda
SHA256

dae95b7f7a65f6dd5c46a91861163a872ef10d1f217a6315093c77cca3cf6212
SHA512

5bf1d7f43ac4d97ac1a577c57c87655d025b98b55c1a349321d0acbb9cc5a910dea4775b9cf19d83fd87000d44aab8ce2c7e457ea8010c55b69a79e5b6682f4a
SSDEEP

3072:23KpVhyjKlSMnuhqNu/LPmb1PE+wag8VoA0gJLAd7rK/73UaYnMdd/glaNMMVK39:pVhyj92u/Lub1Av8qFgJuKDgUNMeK39

Score

10^/10

redline discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_11820dd99886c43259615084cb25d5cb.exe

Resource

win7-20240708-en

redline discovery infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_11820dd99886c43259615084cb25d5cb.exe

Resource

win10v2004-20241007-en

redline discovery infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

141.94.188.138:46419

Attributes

auth_value
3f48b95855158031ae9e7dafcb203009

Targets

- Target
  
  JaffaCakes118_11820dd99886c43259615084cb25d5cb
- Size
  
  517KB
- MD5
  
  11820dd99886c43259615084cb25d5cb
- SHA1
  
  ba7740487a3bb2f8bd3782a485664459da836cda
- SHA256
  
  dae95b7f7a65f6dd5c46a91861163a872ef10d1f217a6315093c77cca3cf6212
- SHA512
  
  5bf1d7f43ac4d97ac1a577c57c87655d025b98b55c1a349321d0acbb9cc5a910dea4775b9cf19d83fd87000d44aab8ce2c7e457ea8010c55b69a79e5b6682f4a
- SSDEEP
  
  3072:23KpVhyjKlSMnuhqNu/LPmb1PE+wag8VoA0gJLAd7rK/73UaYnMdd/glaNMMVK39:pVhyj92u/Lub1Av8qFgJuKDgUNMeK39
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy