redline | 45c78f2a12046e977a1c8ad51b8abb9884c75105be7b08d7d57bb9b1141616e9 | Triage

Submit
Reports

Overview

overview

Static

static

3

thisIsScary.exe

windows7-x64

thisIsScary.exe

windows10-2004-x64

Sharing

General

Target

thisIsScary.zip
Size

1.9MB
Sample

250106-qa5n7axkgt
MD5

88c51fc478baaf6b50f9b28ea7156502
SHA1

6f38df64064c049426ec6344c62d4adcbcf93c7e
SHA256

45c78f2a12046e977a1c8ad51b8abb9884c75105be7b08d7d57bb9b1141616e9
SHA512

d7ae38c3c9fd618c9017a3b66622443449e882a69562729ba48b798c5ba4e2647d6a11abec0d80365a8cd810c91b9bb2dc727d70609fd5a5f833c6bffecbee65
SSDEEP

49152:BJjkyScTybk5u1gfIjx2ZiJcExazuNZyOR9:nkPcTyqu1bFWGc+azu+g9

Score

10^/10

redline xmas discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

thisIsScary.exe

Resource

win7-20240903-en

redline xmas discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

thisIsScary.exe

Resource

win10v2004-20241007-en

redline xmas discovery infostealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

xmas

C2

37.220.87.78:25387

Attributes

auth_value
47dd71225cb3a0a92188486269819009

Targets

- Target
  
  thisIsScary.exe
- Size
  
  746.2MB
- MD5
  
  f359144193a123071150ae6d7c998a2e
- SHA1
  
  f521e43219ec31925397cf358b0d965f0597ef5d
- SHA256
  
  4297e5866beebdedce1e28b89724a9853af982bc39988a38cf3c70db2a98c86a
- SHA512
  
  c577cc3ca0354acb1333ebeae9b4abd50c088a68fa3bcdd499404f38c8f05b79a3322972d3ff5a729fc89ad4b72f224173a16e8d7f22929f6f41b5b50369baba
- SSDEEP
  
  24576:3R49/r0wcuSm364suiUv9poYGOecJz/tzYUl8RvIGLlECdB8MIw+RY6ATLZFAgYq:A/Mm31/oLO/58qnRL6LW
Score

10^/10

redline xmas discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinexmasdiscoveryinfostealer

behavioral2

redlinexmasdiscoveryinfostealer

© 2018-2025

Terms | Privacy