General
-
Target
00b5f8a98bdf1ddcc64dff79cbb6c7394f55a02f4c226afc343a81fc1a636634.bin
-
Size
526KB
-
Sample
230311-24wh6adf4w
-
MD5
0058c00eef2688bfb4cd497c90d77f6c
-
SHA1
552eb7d7cc5c1dd204c9282766d3410f2c8259c3
-
SHA256
00b5f8a98bdf1ddcc64dff79cbb6c7394f55a02f4c226afc343a81fc1a636634
-
SHA512
714ea36c1e2aaf05c1abadbe97787c166fd0628664c069ce1adc558cd23989c18473091e28d71615639008c539c3c703bb5a75072e66b2a58c93099be8b9aede
-
SSDEEP
12288:3MrDy90C3lo5WKpkCRFQ8RfI+ZMzUzSjjlO:Iy3zKpTm+ZM+2js
Static task
static1
Behavioral task
behavioral1
Sample
00b5f8a98bdf1ddcc64dff79cbb6c7394f55a02f4c226afc343a81fc1a636634.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
00b5f8a98bdf1ddcc64dff79cbb6c7394f55a02f4c226afc343a81fc1a636634.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
fud
193.233.20.27:4123
-
auth_value
cddc991efd6918ad5321d80dac884b40
Targets
-
-
Target
00b5f8a98bdf1ddcc64dff79cbb6c7394f55a02f4c226afc343a81fc1a636634.bin
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-