redline | e31abe28b2f6fa085c9500bf0d3d460a63b4ad4296eae4d8e835bde61a989ef1 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...2a.exe

windows7-x64

JaffaCakes...2a.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_7586741b93e311ab536e20cb450bcb2a
Size

4.6MB
Sample

250107-ycaktsvrav
MD5

7586741b93e311ab536e20cb450bcb2a
SHA1

1ce02572b6a5cac14ffff3bcedd11477ae3a631d
SHA256

e31abe28b2f6fa085c9500bf0d3d460a63b4ad4296eae4d8e835bde61a989ef1
SHA512

9072e7d1fdb950403ac98d9b59abd6bca60f7ff452c40de14add85d9c34abae41688a8be1903eacac71228d3892b44e10c2f71cab685acbb480d35dcf7035d1c
SSDEEP

98304:HLDArvUT8rjxrQy+UAvsIbqFQR7FFPRV7eQjcICXFsal6k1BHE3JB8tZq7:2JQyllQR7hGL11h4JKt8

Score

10^/10

redline @durak9876 discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_7586741b93e311ab536e20cb450bcb2a.exe

Resource

win7-20241010-en

redline @durak9876 discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_7586741b93e311ab536e20cb450bcb2a.exe

Resource

win10v2004-20241007-en

redline @durak9876 discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@Durak9876

C2

95.181.152.6:46927

Attributes

auth_value
cdf3919a262c0d6ba99116b375d7551c

Targets

- Target
  
  JaffaCakes118_7586741b93e311ab536e20cb450bcb2a
- Size
  
  4.6MB
- MD5
  
  7586741b93e311ab536e20cb450bcb2a
- SHA1
  
  1ce02572b6a5cac14ffff3bcedd11477ae3a631d
- SHA256
  
  e31abe28b2f6fa085c9500bf0d3d460a63b4ad4296eae4d8e835bde61a989ef1
- SHA512
  
  9072e7d1fdb950403ac98d9b59abd6bca60f7ff452c40de14add85d9c34abae41688a8be1903eacac71228d3892b44e10c2f71cab685acbb480d35dcf7035d1c
- SSDEEP
  
  98304:HLDArvUT8rjxrQy+UAvsIbqFQR7FFPRV7eQjcICXFsal6k1BHE3JB8tZq7:2JQyllQR7hGL11h4JKt8
Score

10^/10

redline @durak9876 discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@durak9876discoveryinfostealer

behavioral2

redline@durak9876discoveryinfostealer

© 2018-2025

Terms | Privacy