General
-
Target
cbef8e26a0179c077ca4138dee22ceff71a7721075c02aaee618f4eeaa4731de
-
Size
769KB
-
Sample
241111-femztswqbm
-
MD5
adebe73b2dc677430d903c9cdd22f291
-
SHA1
ddd8bd577d379b1c2be79d0f0cf3b547a0a74cb2
-
SHA256
cbef8e26a0179c077ca4138dee22ceff71a7721075c02aaee618f4eeaa4731de
-
SHA512
ca74138dc66267404788ffe28bc27dbda3ceb8e1dd9ce76d9f4d83efc2b864b35cfe450962c6975d6ed9fb32c742b5265825e0247c0d8c621fd0ce54e2846bc6
-
SSDEEP
24576:nyvhpzuOEsGVW/YaGK8H+QVKkPh0przca7:yvhpzJKgg+uGrzl
Static task
static1
Behavioral task
behavioral1
Sample
cbef8e26a0179c077ca4138dee22ceff71a7721075c02aaee618f4eeaa4731de.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
cbef8e26a0179c077ca4138dee22ceff71a7721075c02aaee618f4eeaa4731de
-
Size
769KB
-
MD5
adebe73b2dc677430d903c9cdd22f291
-
SHA1
ddd8bd577d379b1c2be79d0f0cf3b547a0a74cb2
-
SHA256
cbef8e26a0179c077ca4138dee22ceff71a7721075c02aaee618f4eeaa4731de
-
SHA512
ca74138dc66267404788ffe28bc27dbda3ceb8e1dd9ce76d9f4d83efc2b864b35cfe450962c6975d6ed9fb32c742b5265825e0247c0d8c621fd0ce54e2846bc6
-
SSDEEP
24576:nyvhpzuOEsGVW/YaGK8H+QVKkPh0przca7:yvhpzJKgg+uGrzl
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-