redline | 845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b | Triage

Submit
Reports

Overview

overview

Static

static

1

845591961f...2b.exe

windows7-x64

845591961f...2b.exe

windows10-2004-x64

Sharing

General

Target

845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b.exe
Size

323KB
Sample

250208-f7l81axray
MD5

0ca8773ba98405057fd480985d7df748
SHA1

91980f68d6192361dbcbab2769730f3e316825cb
SHA256

845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b
SHA512

a6a7630b877c99b90bca2a3eeebb38be9c1182901dc49b9e442b0d44c2ae212d9ceef088bc603532d254f7ccca3a46ce5940912aa50503acdaa4715a5f218eef
SSDEEP

6144:8qvtOTpNbivUTJ403lDLFCkBlN0jVlM6tIzDW+9lEnQ2m3iIk:tOTpNQUTJ403lH8kB8jnM6tIW+/EnQ2L

Score

10^/10

redline greg discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b.exe

Resource

win7-20241010-en

redline greg discovery infostealer

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b.exe

Resource

win10v2004-20250207-en

redline greg discovery infostealer

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

greg

C2

83.97.73.122:19062

Attributes

auth_value
4c966a90781c6b4ab7f512d018696362

Targets

- Target
  
  845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b.exe
- Size
  
  323KB
- MD5
  
  0ca8773ba98405057fd480985d7df748
- SHA1
  
  91980f68d6192361dbcbab2769730f3e316825cb
- SHA256
  
  845591961f7c70996b75310a0817420e9c79ffa9861e67f790078fd1903bf82b
- SHA512
  
  a6a7630b877c99b90bca2a3eeebb38be9c1182901dc49b9e442b0d44c2ae212d9ceef088bc603532d254f7ccca3a46ce5940912aa50503acdaa4715a5f218eef
- SSDEEP
  
  6144:8qvtOTpNbivUTJ403lDLFCkBlN0jVlM6tIzDW+9lEnQ2m3iIk:tOTpNQUTJ403lH8kB8jnM6tIW+/EnQ2L
Score

10^/10

redline greg discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinegregdiscoveryinfostealer

behavioral2

redlinegregdiscoveryinfostealer

© 2018-2025

Terms | Privacy