General
Target
00e4ff4570f3f9e5bead25562a9c32c31b75af7c701c9d58e77932f60e20271a.bin
Size
436KB
Sample
230311-2414msdf5y
MD5
2a2d98e0668bfa09de545fa6531db417
SHA1
a723bcdc464d1f9b948b4cf641a6b3251ba9ebfb
SHA256
00e4ff4570f3f9e5bead25562a9c32c31b75af7c701c9d58e77932f60e20271a
SHA512
f3993c04e244a834e04c9233c7e0b1175810e68644fae1413c50de8d541e4e89f7ede770a773605903ff3b3a53c673f035a373599d072baec9c67ef9505dbb1b
SSDEEP
6144:Kmy+bnr+Jp0yN90QEF3qiledXNoIA6c0nmPbrT4jBfGA6X4cLZcQyTH47AxzxC0B:OMrBy903qi41NmZwmHmXAchzE0B
Static task
static1
Behavioral task
behavioral1
Sample
00e4ff4570f3f9e5bead25562a9c32c31b75af7c701c9d58e77932f60e20271a.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
00e4ff4570f3f9e5bead25562a9c32c31b75af7c701c9d58e77932f60e20271a.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
Target
00e4ff4570f3f9e5bead25562a9c32c31b75af7c701c9d58e77932f60e20271a.bin
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application