General
-
Target
00cbdba9d104e9f41a9906035e680fd13ddd24f6d53ddc952b6e41ad7c4aaf7a.bin
-
Size
716KB
-
Sample
230311-24yzaabf98
-
MD5
1414e96643542204aa27d91584f47f25
-
SHA1
99e37f106435c0f089a6afa36752cd80d406be3c
-
SHA256
00cbdba9d104e9f41a9906035e680fd13ddd24f6d53ddc952b6e41ad7c4aaf7a
-
SHA512
d90d326a05296d95da9a13051e2e16f4053b930993bd1d5227ae47f49f3d282ba6edc3600ef7d5acb5b7b252e1113fe5f840fbda396fc6f4bf766c5bf05de1bb
-
SSDEEP
12288:WMrGy90yLnpAizNQmzbMaag9MU8u2qeNre4pP8xD+4yhL6NEvBHtp33SaX:YyfGxo8nNFp0xDWGEpB
Static task
static1
Behavioral task
behavioral1
Sample
00cbdba9d104e9f41a9906035e680fd13ddd24f6d53ddc952b6e41ad7c4aaf7a.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
00cbdba9d104e9f41a9906035e680fd13ddd24f6d53ddc952b6e41ad7c4aaf7a.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
fud
193.233.20.27:4123
-
auth_value
cddc991efd6918ad5321d80dac884b40
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-