redline | 7feadede50c5f21b2f19d8ed73259b6f9600cafaa78923322cea911d3da0811c | Triage

Submit
Reports

Overview

overview

Static

static

1

JaffaCakes...71.exe

windows7-x64

JaffaCakes...71.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_1691aa73a0699a3be2864a407e547671
Size

671KB
Sample

250106-jetddszqcy
MD5

1691aa73a0699a3be2864a407e547671
SHA1

e3c6af09ab3708a0a4aa4dfa11a6d25a73c27a33
SHA256

7feadede50c5f21b2f19d8ed73259b6f9600cafaa78923322cea911d3da0811c
SHA512

f9303db80467773694ce93c1c3f97622dc20e4b5df4c7de07ed467c99befa11e0e87a85b34546ff9f51b9a3a1e707c1e7ac1f417ac9e74ae4be6a523ea1a1c54
SSDEEP

3072:/s1zOpZLp7vlZwIpNUqs8W8Lz0W+DrzZ0aoPguE7Dd25Y3LloxpLrV7iOvnwWzNt:01zwP7QT8+PzCPy7fxyKhISaCF/LzY

Score

10^/10

redline discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

JaffaCakes118_1691aa73a0699a3be2864a407e547671.exe

Resource

win7-20240903-en

redline discovery infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1691aa73a0699a3be2864a407e547671.exe

Resource

win10v2004-20241007-en

redline discovery infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

C2

185.215.113.51:56632

Attributes

auth_value
8a057b047bb60399b5cc0fa800e50e51

Targets

- Target
  
  JaffaCakes118_1691aa73a0699a3be2864a407e547671
- Size
  
  671KB
- MD5
  
  1691aa73a0699a3be2864a407e547671
- SHA1
  
  e3c6af09ab3708a0a4aa4dfa11a6d25a73c27a33
- SHA256
  
  7feadede50c5f21b2f19d8ed73259b6f9600cafaa78923322cea911d3da0811c
- SHA512
  
  f9303db80467773694ce93c1c3f97622dc20e4b5df4c7de07ed467c99befa11e0e87a85b34546ff9f51b9a3a1e707c1e7ac1f417ac9e74ae4be6a523ea1a1c54
- SSDEEP
  
  3072:/s1zOpZLp7vlZwIpNUqs8W8Lz0W+DrzZ0aoPguE7Dd25Y3LloxpLrV7iOvnwWzNt:01zwP7QT8+PzCPy7fxyKhISaCF/LzY
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealer

behavioral2

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy