RedLineStealer
RedLine Stealer was offered for sale as Salary in the Russian underground market in 2020. It uses a WCF (Windows Communication Foundation) C2 channel and .NET ConfuserEx obfuscation. It was one of the most common infostealer families of 2022-2024.
Threat Profile
Type: Infostealer
Programming Language: C#/.NET
C2 Protocol: WCF/TCP
First Seen: 2020
Targets: Global
Purpose / Capabilities
- Credential + Crypto Theft
No C2 servers have been identified for this family yet.
Research Reports (1)
RedLine Stealer — .NET ConfuserEx Encrypted, 744KB PE, Browser/Crypto/FTP Stealer | High
RedLine Stealer with .NET ConfuserEx obfuscation. 744KB PE, no cleartext IOCs. Steals browser passwords, crypto wallets, and FTP credentials.