General
-
Target
6150810b4e431d83eee91e479ca2d066.bin
-
Size
293KB
-
Sample
230206-k5fewsda59
-
MD5
1dcb40d0684f9171fea1398312ca6bd7
-
SHA1
8102862a17ecd994e2968ebbd4a2ff1c45a9a3c1
-
SHA256
7757d4cfc9bd57b4bfbad9537f583c56da8a7f836807c7bab593e7ce4f0d44b2
-
SHA512
84df7804d0856fc62b1a23ddfb7eebf485130c3eeb5d136372034458a78c02cea7ca8fc3fe817fe9b893be01a27fe2073008d5e2e39f53850869ceacdd7a487c
-
SSDEEP
6144:YhSy3mlAMz8+lVEqyvqqCgl8/1flSBoB/QZnPvMlBThH8Rmosion2:YhdmjFP/bSBLnMH53o+2
Static task
static1
Behavioral task
behavioral1
Sample
af7d617cb4151d5e372d775b98fa96038cd317d1bf73bee6481987bdaf0aa1fb.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
af7d617cb4151d5e372d775b98fa96038cd317d1bf73bee6481987bdaf0aa1fb.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
france
193.233.20.5:4136
-
auth_value
827023aa27bcc1cc2382e4d111feec6f
Targets
-
Target
af7d617cb4151d5e372d775b98fa96038cd317d1bf73bee6481987bdaf0aa1fb.exe
-
Size
337KB
-
MD5
6150810b4e431d83eee91e479ca2d066
-
SHA1
743a3c7a2807a5df285bae8fa8151e6c182945dc
-
SHA256
af7d617cb4151d5e372d775b98fa96038cd317d1bf73bee6481987bdaf0aa1fb
-
SHA512
d734c075aa4eb8f4e2610ea8efc8a868741f340c92711c6475afb9bda88a0affc5b88156dead1157c4904355d90b8bec7c7181c13966b83b7e192b139b6dda04
-
SSDEEP
6144:4hEN7+Lp0yN90QEyh7FDDiLg3bhhQrD8kUgLzx1lXcV3mixJyJj2LM:4G7/y90sVVWLche/mGtmWiO5W
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-