redline | b4312b6580e52e53c37de5125e292c6f0d0cff92774056ce7307fe37372885c7 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...97.exe

windows7-x64

JaffaCakes...97.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_76b9c753c5133d59ade0e315865d7b97
Size

4.6MB
Sample

250107-yt2qmsykdk
MD5

76b9c753c5133d59ade0e315865d7b97
SHA1

845c639a7e1f749161e671bf8c4b860a3a3eb029
SHA256

b4312b6580e52e53c37de5125e292c6f0d0cff92774056ce7307fe37372885c7
SHA512

30e1fb4a10fd29d89add8615620e0763f5c57260ac3177cfa191ec0a5204ce8c53f7fc5fc20d168ac140de16ff4633ec4f4ca60fde7927bf9661e7c3b0e859d5
SSDEEP

98304:rLrQPdik3gPpBv+ZH3JL4Uvd5mEcvc1GU49/twafMmymlz:rxk3+L2Z2edAEck6/twaUyZ

Score

10^/10

redline fs discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_76b9c753c5133d59ade0e315865d7b97.exe

Resource

win7-20241010-en

redline fs discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_76b9c753c5133d59ade0e315865d7b97.exe

Resource

win10v2004-20241007-en

redline fs discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

fs

C2

185.255.133.25:18225

Attributes

auth_value
e6ae87b99bc187e67e3023b8ad515104

Targets

- Target
  
  JaffaCakes118_76b9c753c5133d59ade0e315865d7b97
- Size
  
  4.6MB
- MD5
  
  76b9c753c5133d59ade0e315865d7b97
- SHA1
  
  845c639a7e1f749161e671bf8c4b860a3a3eb029
- SHA256
  
  b4312b6580e52e53c37de5125e292c6f0d0cff92774056ce7307fe37372885c7
- SHA512
  
  30e1fb4a10fd29d89add8615620e0763f5c57260ac3177cfa191ec0a5204ce8c53f7fc5fc20d168ac140de16ff4633ec4f4ca60fde7927bf9661e7c3b0e859d5
- SSDEEP
  
  98304:rLrQPdik3gPpBv+ZH3JL4Uvd5mEcvc1GU49/twafMmymlz:rxk3+L2Z2edAEck6/twaUyZ
Score

10^/10

redline fs discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefsdiscoveryinfostealer

behavioral2

redlinefsdiscoveryinfostealer

© 2018-2025

Terms | Privacy