redline | 139c83b8cf3674d992e04f9e4a047c3a7ad5279b2f6b8bf18c39603f82bca16d | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...0e.exe

windows7-x64

JaffaCakes...0e.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_95e82a0b2a99370162fa203994cc8b0e
Size

4.6MB
Sample

250108-kenctaskes
MD5

95e82a0b2a99370162fa203994cc8b0e
SHA1

807f363607e6808b1cb7504de1ef9718343bd2cc
SHA256

139c83b8cf3674d992e04f9e4a047c3a7ad5279b2f6b8bf18c39603f82bca16d
SHA512

51d01ba0c1b46270780df84e925dffd1800355229b8a23b820565e66ea973ad46fb614d19371725d1afcb30fa9393429532d225b8389920c92ba2cf8df3620f2
SSDEEP

98304:wLIgXzEGmyPe4pTQAXf8bTAbqKRf4fRDpvX4:sdpT5XpeEf4fRl

Score

10^/10

redline @l_like_a_sir_l discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_95e82a0b2a99370162fa203994cc8b0e.exe

Resource

win7-20241023-en

redline @l_like_a_sir_l discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_95e82a0b2a99370162fa203994cc8b0e.exe

Resource

win10v2004-20241007-en

redline @l_like_a_sir_l discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@l_Like_a_Sir_l

C2

138.124.186.121:45760

Attributes

auth_value
9b509f3ca2ec2a739920d789362e5ac4

Targets

- Target
  
  JaffaCakes118_95e82a0b2a99370162fa203994cc8b0e
- Size
  
  4.6MB
- MD5
  
  95e82a0b2a99370162fa203994cc8b0e
- SHA1
  
  807f363607e6808b1cb7504de1ef9718343bd2cc
- SHA256
  
  139c83b8cf3674d992e04f9e4a047c3a7ad5279b2f6b8bf18c39603f82bca16d
- SHA512
  
  51d01ba0c1b46270780df84e925dffd1800355229b8a23b820565e66ea973ad46fb614d19371725d1afcb30fa9393429532d225b8389920c92ba2cf8df3620f2
- SSDEEP
  
  98304:wLIgXzEGmyPe4pTQAXf8bTAbqKRf4fRDpvX4:sdpT5XpeEf4fRl
Score

10^/10

redline @l_like_a_sir_l discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@l_like_a_sir_ldiscoveryinfostealer

behavioral2

redline@l_like_a_sir_ldiscoveryinfostealer

© 2018-2025

Terms | Privacy