redline | ceedf0469783ec4ca42957bb1e66cacd270a6dc16fc845e0cdef7b3d7c3b58c5 | Triage

Submit
Reports

Overview

overview

Static

static

1

ba55ad4b14...c0.exe

windows7-x64

ba55ad4b14...c0.exe

windows10-2004-x64

Sharing

General

Target

ceedf0469783ec4ca42957bb1e66cacd270a6dc16fc845e0cdef7b3d7c3b58c5
Size

324KB
Sample

241111-cfxc4syrfw
MD5

88ac87ab3e33259e696f2b1a379c17b2
SHA1

7a0886f7c6219e8d3bac9644ea6459c555298d19
SHA256

ceedf0469783ec4ca42957bb1e66cacd270a6dc16fc845e0cdef7b3d7c3b58c5
SHA512

20e2a37cc077f651e9eb394e403b24f26fd4768d43aca2ffb692d836327bf9eb4d8ce20ec8dab5ce6dc51134c965a58270bbc09ca760e462a02493f45e465c13
SSDEEP

6144:BTczIkwEr9+f7+XetjlkUa5TzmqPGV2TIvEHclZ+xcBIXak+V50yu0:BTjkZrITrnkCqPGV2/8lECCXak05hu0

Score

10^/10

redline @retr11k discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

ba55ad4b1455f5cad686bf4ca883577dc98ebc05fffd79c7bc104e9304c181c0.exe

Resource

win7-20240729-en

redline @retr11k discovery infostealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba55ad4b1455f5cad686bf4ca883577dc98ebc05fffd79c7bc104e9304c181c0.exe

Resource

win10v2004-20241007-en

redline @retr11k discovery infostealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@retr11k

C2

zumbemclat.xyz:81

Attributes

auth_value
fed6a2ebe9a9652e2caca70aff44bfb9

Targets

- Target
  
  ba55ad4b1455f5cad686bf4ca883577dc98ebc05fffd79c7bc104e9304c181c0
- Size
  
  833KB
- MD5
  
  439786cfa948f5ca38d3d269fb674da5
- SHA1
  
  6b8b09fdbe20f6a78db952faad120e60204b786e
- SHA256
  
  ba55ad4b1455f5cad686bf4ca883577dc98ebc05fffd79c7bc104e9304c181c0
- SHA512
  
  bfd58d8c3567b715bfebdfa12ae5b4c050b55fe6b39d63a277faaba70866b3c38f6a2f1f950f0b77b02a7c187e139e3849ac318d73f04e2dfe8c9246b4cf325b
- SSDEEP
  
  6144:Iuv+WQbU/SUgJ4v84B/wb9QyaVvQBc6FqOMRc5Sw2yhbxKXW4t+oLelfl3mymGCM:DvoKPgJd/FwI5bxhoLeL3mbGr3nT3
Score

10^/10

redline @retr11k discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@retr11kdiscoveryinfostealer

behavioral2

redline@retr11kdiscoveryinfostealer

© 2018-2025

Terms | Privacy