redline | b5cd68d3b2d6e79a5d15fa737dfae474a39aa7910759f7ca28bc1d9804359a44

Sharing

Copy URL

Twitter E-mail

General

Target

Redline.Stealer.v30.2.Cracked.zip
Size

35.9MB
Sample

250128-1npj8sslgs
MD5

ea3f5a9a0a1656e048a2640ca4007481
SHA1

3169637282b23fa49c4e5c6f3645157ab24722c7
SHA256

b5cd68d3b2d6e79a5d15fa737dfae474a39aa7910759f7ca28bc1d9804359a44
SHA512

ddd96a0857d5ba3041960eb565ee79990fd6d28d7438865e3400fadbf4446c2034f79bc0dc0787dd3d675bc8b9c6607b468747bf161a06a752cf17f3a9f6cd79
SSDEEP

786432:pwssBHZtEPztNd1SzC4lqjAbYciGOARzXT/zA9kz:pzatEPJN/LkbTHj/7z

Score

10^/10

redline

Malware Config

Targets

- Target
  
  Redline.Stealer.v30.2.Cracked.zip
- Size
  
  35.9MB
- MD5
  
  ea3f5a9a0a1656e048a2640ca4007481
- SHA1
  
  3169637282b23fa49c4e5c6f3645157ab24722c7
- SHA256
  
  b5cd68d3b2d6e79a5d15fa737dfae474a39aa7910759f7ca28bc1d9804359a44
- SHA512
  
  ddd96a0857d5ba3041960eb565ee79990fd6d28d7438865e3400fadbf4446c2034f79bc0dc0787dd3d675bc8b9c6607b468747bf161a06a752cf17f3a9f6cd79
- SSDEEP
  
  786432:pwssBHZtEPztNd1SzC4lqjAbYciGOARzXT/zA9kz:pzatEPJN/LkbTHj/7z
Score

7^/10
- Executes dropped EXE
behavioral1 behavioral2
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Bunifu_UI_v1.52.dll
- Size
  
  219KB
- MD5
  
  5eca94d909f1ba4c5f3e35ac65a49076
- SHA1
  
  3b9cb69510887117844464a2cc711c06f2c3bd19
- SHA256
  
  de0e530d46c803d85b8aeb6d18816f1b09cb3dafefb5e19fdfa15c9f41e0f474
- SHA512
  
  257a33c748dfb617a7e2892310132fd4abf4384fb09c93a8ac3f609fd91353a4f3e326124ecc63b6041ac87cf4fcc17a8bdca312e0c851acd9c7a182247066ea
- SSDEEP
  
  6144:o1uzZh5rYAuBjtnkbxuzZ7Mg3i3hJtm4Fw2hHQHcHKaPUb:Ku1higb4zZR+9mcHX
Score

1^/10
behavioral3 behavioral4
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Common.Logging.dll
- Size
  
  53KB
- MD5
  
  5193ac7470f5cd288cadf0fce4ea59a9
- SHA1
  
  b78f0ee86edd04a5c1709c494cb55a99d6f852e8
- SHA256
  
  cb2540e1087935ba8e859832bebc1e70985fa01de26344a86a7bacf9cdfd19c5
- SHA512
  
  20bdd0ff66d3dc49a9d0634e916bb6bf00fef600c0aa35956bcf8609b159332f53bfc23cd9794022352b6679c24dd0c4029b9c7d58636de054316a5afe4a88b1
- SSDEEP
  
  768:vwVPM/z+bsVvMq55kjb7Ar+n4KNmQ8MtJLr51:KZsS+5k/7G+wQ9tJLr51
Score

1^/10
behavioral5 behavioral6
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/GuiLib.dll
- Size
  
  50KB
- MD5
  
  42d66964ee6b3aa7710f07803f2e9565
- SHA1
  
  1af7fdf8b45f0003810c3b0c13e982c5c865d557
- SHA256
  
  05e0e8394154edf4366d6af144934a7014a0ad06f571dfd1e132d7099c8118e9
- SHA512
  
  311cd9febd10db76e101a059410ddc4af35916ac88dda0719dd5e4f2473bcc8485161da576f9512f73716258e19f53b61515875ad0c590d1c8854ccfb525d8eb
- SSDEEP
  
  768:pXBWBHqfkC/Wcd1V4+8dUQeEqUNVugUP26lunfWWeddVm:pXiWJ16+8dxeAVuwWWede
Score

1^/10
behavioral7 behavioral8
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/IPLocator.dll
- Size
  
  34KB
- MD5
  
  c8b0ac355a4eccd2390775fd4f2f72bc
- SHA1
  
  a56a296cf3a9b82a02db244a4112954b2f79f59e
- SHA256
  
  0d1dc8a4030f457fd6323b3646f1ad8e062e2afb17845a6ffa29795dc618bb4d
- SHA512
  
  73e5dc0f863ce8f17bdc9166cdae0b35f115c1f4cc247be0c07d8dd2e8dba19c24827ce1989136247732cd28380b89eb843d736f67f93304bce7adf546558621
- SSDEEP
  
  768:cqLW5vmCg+LWsFma0oqipv6iGl4A+wwZbgcLTnEeZAyYrdRA8/GRrN:cqLWpjWsFRtTpZzA+BgyTEeiTh2
Score

1^/10
behavioral10 behavioral9
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/IpDb/IpDb.BIN
- Size
  
  80.4MB
- MD5
  
  b63e1f0d6e8e86b93c8e82920391f880
- SHA1
  
  3a323b76694085b24611508c29eb0d7c9ff9cf21
- SHA256
  
  5f9c5b498d456bddda3d46686de264b9b2668b8d4dd2282f847a97b18b6a0735
- SHA512
  
  07eccc157cbd8b3afe3f1c801d1474356c6223cadacfea58fd24a2fb4739c78b32298c70da13f989c5bca0dc9e1d1213d1987d666466caaa3fe9569f2d110423
- SSDEEP
  
  393216:eKhuwMoPCQ9RVxhGdSHltwgk5ckBxfxHSvju4dHJ6M17uujpSiTdBoXv7L14WJTA:eKCWVbGl5M
Score

1^/10
behavioral11 behavioral12
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/IpDb/Ipv6Db.BIN
- Size
  
  144.9MB
- MD5
  
  63661fc63c4dba8d59f04d5c95fccdcf
- SHA1
  
  b8772881d0823d98b89925a32e999839238ae06d
- SHA256
  
  abacce3df9d69a3c2eff5b76d739be00f726023925cc9bafd92972fd1db5c9d3
- SHA512
  
  29fa31fcd3ba9f07b1687deb2307fa69c734c618c7a9265f9df33e91042f751c6bfc115889a8ca3d0db1ad1a7b87ccf79b1b9153981396a35eba585f0248a440
- SSDEEP
  
  786432:ZEPIUc/7ecpRQrURcLltYAOeO4QkYTXHfo9On6wT:Zhf6ruAOeRYTXHfo9edT
Score

1^/10
behavioral13 behavioral14
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/MetroSet UI.dll
- Size
  
  436KB
- MD5
  
  5aeea45913eb8475077a9547d7d3f2f3
- SHA1
  
  09931075a4fdffe7b051df6d3bc5b4a0bacdf019
- SHA256
  
  ef2a67849fbe0f1c99263bf0acfddf15a1b3668e49fd9d35868e147d8a4c8c73
- SHA512
  
  3f3ba1d117784aca8d6abfe84e9275da425fd23982aa1ce9af760a9e5d7cd5e9dc2e36a36cc6e190cb91e8b2c8888881cfd8feeb85c3249185d61273a1a1e0ff
- SSDEEP
  
  12288:EE4n7EmAqNv8MkCvzMTlCPRSoWzz7QYaIHUMhPrYDK:EE4n7xAqN0MkCvzMTlCEoDYFHZeDK
Score

1^/10
behavioral15 behavioral16
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Microsoft.Bcl.AsyncInterfaces.dll
- Size
  
  26KB
- MD5
  
  970b6e6478ae3ab699f277d77de0cd19
- SHA1
  
  5475cb28998d419b4714343ffa9511ff46322ac2
- SHA256
  
  5dc372a10f345b1f00ec6a8fa1a2ce569f7e5d63e4f1f8631be367e46bfa34f4
- SHA512
  
  f3ad2088c5d3fcb770c6d8212650eed95507e107a34f9468ca9db99defd8838443a95e0b59a5a6cb65a18ebbc529110c5348513a321b44223f537096c6d7d6e0
- SSDEEP
  
  768:DulwnBhYlTVv2wK5idcgF4of1n6K9zUYJ:ywHYFtKYdcg/f1nXzUYJ
Score

1^/10
behavioral17 behavioral18
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/NHttp.dll
- Size
  
  57KB
- MD5
  
  119a2ff3c42750b76773505f237e47e6
- SHA1
  
  f49951c8aacece37d820c51919c44f77d3e56a9d
- SHA256
  
  c0433ee6583ccda71b3b59593b21242dfa62c0212f71fd78b4349728863e89f1
- SHA512
  
  2d12f462121c5e473898a33feafc185a63161eea1128940d9a7bc2ce33ddd7bf3bdc93a6d81d46060084a4fb619d75ff858fc5689443e15328b178b37432c4a9
- SSDEEP
  
  768:gMmEsXlFXebhEuWvbeS5CByD1G9lJ843s6oDuFYJKdMk3ys6VJBaJ1+VKK:gdE2AuC4SKG9lJdBoOdZ3YVJBaXcKK
Score

1^/10
behavioral19 behavioral20
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Newtonsoft.Json.Schema.dll
- Size
  
  208KB
- MD5
  
  260a18bcc6d697d5c9f42299f2f34195
- SHA1
  
  de566fe1aa6d98310ddfa9d0773d1bdf47675c37
- SHA256
  
  b3cc57a64a89017c294927d93a24d10e5863287cdf32bd0f173386d3caebf5a8
- SHA512
  
  0451e2027ce21d1e7ed5267917b49c27f1e264ef58512d489da5d4359b62ceb7971ab2adec569a0626d9bcdeeae1f1f4744b5d0c8e1158a2af70c1e03d2cae29
- SSDEEP
  
  6144:PvT7+4dA4e7+wnOwCRv7S8sjs4pcw0KZ:nT7+4u4e7hOwvs4p
Score

1^/10
behavioral21 behavioral22
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

1^/10
behavioral23 behavioral24
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Panel.exe
- Size
  
  12.1MB
- MD5
  
  85afedf22ca7d0561be4443e854459a7
- SHA1
  
  1fec08de68672a302f0df40ff30b22cee4d18057
- SHA256
  
  130a2379f8f07cec2cd9935bdf67bfcfbb977327f89f017dc16f19efc871d864
- SHA512
  
  e5229c4e67bc7d4ef8b53c94cfd017833797ecb52a93d71e9770ae50aaaa8e3e6c9b6433389f85255c2fe92bf94bdf1f6d1c49a01ac0809d7c8ccdb8c07dce03
- SSDEEP
  
  393216:+A+bVvdvbtsjjBbns3JX08gNghF5tAVsQsaBMvBVvrsV4ojavjdTbvosw+z6VVq1:+A+bVvdvbtsjjBbns3JX08gNghF5tAV8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Panel.exe.config
- Size
  
  26KB
- MD5
  
  14c52be5c2f2e05b34c971ab1c5a1f6e
- SHA1
  
  ca6af3aeef6b4f7d0b9d9199b985251d29aa65e2
- SHA256
  
  46de03cb4b125529c7aaf6024d3a287fb7c01bc5514664aae89d1a2f05af951a
- SHA512
  
  9266c85eb86115eef864e18bc46a5d2aae82e81ddbffc1589bad308ab1f7122d8a92bb5260e957a97350190bcaad27e93ad2bc1f7db1aaddc1c44a80dc728108
- SSDEEP
  
  384:TXe7J7+7m7B7x7e7VC0rfqvUWCBrfqvfVCBrfqvfY:N+U+4+Y
Score

1^/10
behavioral27 behavioral28
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/Pluralsight.Crypto.dll
- Size
  
  45KB
- MD5
  
  4ae6096005c37982c8b0c7b465d88da5
- SHA1
  
  93486afd78d1dba82722bee3ff7661e4740b9f05
- SHA256
  
  e3e598d322d72e6b717f6753d02d8f98a5436e884adbc0cc383e7a39a3c35b04
- SHA512
  
  86b52ab17120ec7c2941b7598c2b90ed8bce6f4c11a5c3e6e026c60f976ed58b042a8495c16f2a6a4dee8463da788a90ff6008069a133f566862afcc8ab65642
- SSDEEP
  
  768:nkwGNy7QxrBNTEpN+efDLMJQWv+3txn29FRTIQNqMQbQLnBYB+0Mp9E+8iROAzN:nkw8KfnMJT+7n2/R0qxrBYU0MQ+8iAA5
Score

1^/10
behavioral29 behavioral30
- Target
  
  Redline Stealer v30.2 Cracked By @Drcrypt0r/Panel/RestSharp.dll
- Size
  
  187KB
- MD5
  
  6122f53b28d172d5711b79427d89b409
- SHA1
  
  6bde48731f89b3bbbde7614898638a4f33121114
- SHA256
  
  676e00e8f81b6c25e122277d55a56d28924a4cc304f160ad1dfb803e8d2ea594
- SHA512
  
  a9e6d2bd3b62a7b37f7a0aa241f057e8266ed836b3df92ab4dc9d7ae7a9e928bd468d7d8e88e7ba1ca04ca443a0a552ca6419cea69cc3f9b3f2c7e7f7899a4b9
- SSDEEP
  
  3072:bcDieefd3nF+GhIVE+mvJOUc6XM42SuYA6qIGqskUi2m7FktfLJ19D:mq9nF+GmVBmQUt2Su2jGqskF
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32