redline | 280e25702f34e2bb2d551bcedc96f8418fc680f195c4fdda2dccb247e8d5a5ef | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...5f.exe

windows7-x64

JaffaCakes...5f.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_b58e6b6e3dd0ab7dc2bd6cdcec4d685f
Size

4.6MB
Sample

250109-a41z4azrfv
MD5

b58e6b6e3dd0ab7dc2bd6cdcec4d685f
SHA1

47dbe326a072d1c1e019994c9827c98b6aad6d1b
SHA256

280e25702f34e2bb2d551bcedc96f8418fc680f195c4fdda2dccb247e8d5a5ef
SHA512

80c95dc78134c3a9e6385a89750b7634d641f7ecd74060058ef6cf747dbcfd1e9a6e5e898dbaf5625b60659d9b3c8a58e2d31252d251db851f544dbef9b6afeb
SSDEEP

98304:mLyenIDTWL73IuqwmEOKZR5L1uZOJMG8SunPTd:RvWL73Iuq9KZjhXCnPT

Score

10^/10

redline @free_reall discovery infostealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_b58e6b6e3dd0ab7dc2bd6cdcec4d685f.exe

Resource

win7-20240708-en

redline @free_reall discovery infostealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_b58e6b6e3dd0ab7dc2bd6cdcec4d685f.exe

Resource

win10v2004-20241007-en

redline @free_reall discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@Free_Reall

C2

185.209.22.181:29234

Attributes

auth_value
5a0918bd3e8ede8e02c8dd9d106a996d

Targets

- Target
  
  JaffaCakes118_b58e6b6e3dd0ab7dc2bd6cdcec4d685f
- Size
  
  4.6MB
- MD5
  
  b58e6b6e3dd0ab7dc2bd6cdcec4d685f
- SHA1
  
  47dbe326a072d1c1e019994c9827c98b6aad6d1b
- SHA256
  
  280e25702f34e2bb2d551bcedc96f8418fc680f195c4fdda2dccb247e8d5a5ef
- SHA512
  
  80c95dc78134c3a9e6385a89750b7634d641f7ecd74060058ef6cf747dbcfd1e9a6e5e898dbaf5625b60659d9b3c8a58e2d31252d251db851f544dbef9b6afeb
- SSDEEP
  
  98304:mLyenIDTWL73IuqwmEOKZR5L1uZOJMG8SunPTd:RvWL73Iuq9KZjhXCnPT
Score

10^/10

redline @free_reall discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@free_realldiscoveryinfostealer

behavioral2

redline@free_realldiscoveryinfostealer

© 2018-2025

Terms | Privacy