redline | ec8b5a9476b6702d2e8e28d3f73c7e7f3b320ee6cb30139426e7268d39720535 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...7b.exe

windows7-x64

JaffaCakes...7b.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_ae4884a082329d72ba84448e68c1987b
Size

4.5MB
Sample

250108-1l547svlcy
MD5

ae4884a082329d72ba84448e68c1987b
SHA1

e7e9069f2cc33883542cef828a4a2d57fa29dcb0
SHA256

ec8b5a9476b6702d2e8e28d3f73c7e7f3b320ee6cb30139426e7268d39720535
SHA512

6e574da4987ec2a13309cbbca6cb1e9ddafb2f5c70bc5a6552ee7378f8dc336bef92226619554a4d134b0c47e74ea292a2eee3307325bc92eaf139c2778110b3
SSDEEP

98304:PL+HAppIOhPI21+GoZNwCIqeBxZXtJ4UPkeGZyT9vJbbEY:685IKvwZedXdcGT9vK

Score

10^/10

redline @litr3x discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_ae4884a082329d72ba84448e68c1987b.exe

Resource

win7-20240903-en

redline @litr3x discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_ae4884a082329d72ba84448e68c1987b.exe

Resource

win10v2004-20241007-en

redline @litr3x discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@LiTr3x

C2

185.215.113.79:41465

Attributes

auth_value
3e9eda97b6589ac15756de0ba010d48f

Targets

- Target
  
  JaffaCakes118_ae4884a082329d72ba84448e68c1987b
- Size
  
  4.5MB
- MD5
  
  ae4884a082329d72ba84448e68c1987b
- SHA1
  
  e7e9069f2cc33883542cef828a4a2d57fa29dcb0
- SHA256
  
  ec8b5a9476b6702d2e8e28d3f73c7e7f3b320ee6cb30139426e7268d39720535
- SHA512
  
  6e574da4987ec2a13309cbbca6cb1e9ddafb2f5c70bc5a6552ee7378f8dc336bef92226619554a4d134b0c47e74ea292a2eee3307325bc92eaf139c2778110b3
- SSDEEP
  
  98304:PL+HAppIOhPI21+GoZNwCIqeBxZXtJ4UPkeGZyT9vJbbEY:685IKvwZedXdcGT9vK
Score

10^/10

redline @litr3x discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@litr3xdiscoveryinfostealer

behavioral2

redline@litr3xdiscoveryinfostealer

© 2018-2025

Terms | Privacy