redline | c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285 | Triage

Submit
Reports

Overview

overview

Static

static

1

c0631d14f4...85.exe

windows7-x64

c0631d14f4...85.exe

windows10-2004-x64

Sharing

General

Target

c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285.exe
Size

365KB
Sample

250208-ne8wastjcm
MD5

5c2bf2e317807c650b9049bf69e6e0de
SHA1

745343192be97ab8534551e64b88398a91af7c44
SHA256

c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285
SHA512

116b427822c728e44f2dcc2cafac8d8e94aa792c7bf67d266e4b340e359740eee6bbd421fd0d8b408566bf16032b1b7f48d3bcf5bd8ab6fa8c1a12e3f276e5c4
SSDEEP

3072:gokN1jz7yTZjD7CaVT7yFrvSwAlvwz9xmBihXUH8RLrbsW0bCtjUuIYyGVKA6m2b:goA9yTZjD7VsDZxegXUH8Rpxn2m666I4

Score

10^/10

redline @swagseasoon discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285.exe

Resource

win7-20240903-en

redline @swagseasoon discovery infostealer

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285.exe

Resource

win10v2004-20250207-en

redline @swagseasoon discovery infostealer

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

@swagseasoon

C2

37.220.87.8:42823

Attributes

auth_value
bfc2903da4ada2bec8e5446f6bfa75a6

Targets

- Target
  
  c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285.exe
- Size
  
  365KB
- MD5
  
  5c2bf2e317807c650b9049bf69e6e0de
- SHA1
  
  745343192be97ab8534551e64b88398a91af7c44
- SHA256
  
  c0631d14f4a74e5dad6e48521c9838d3cf291396a6d5be583e2d14920f4f9285
- SHA512
  
  116b427822c728e44f2dcc2cafac8d8e94aa792c7bf67d266e4b340e359740eee6bbd421fd0d8b408566bf16032b1b7f48d3bcf5bd8ab6fa8c1a12e3f276e5c4
- SSDEEP
  
  3072:gokN1jz7yTZjD7CaVT7yFrvSwAlvwz9xmBihXUH8RLrbsW0bCtjUuIYyGVKA6m2b:goA9yTZjD7VsDZxegXUH8Rpxn2m666I4
Score

10^/10

redline @swagseasoon discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@swagseasoondiscoveryinfostealer

behavioral2

redline@swagseasoondiscoveryinfostealer

© 2018-2025

Terms | Privacy