General
-
Target
00bb7b4c5723397a23971a3920b9a482d7ba3efcb2f197f9ebbc901d73ca2449.bin
-
Size
724KB
-
Sample
230311-24xffsdf4y
-
MD5
b0e82c19af8609f4ca2707cb5d0de65c
-
SHA1
ebde8ec56677815fc16d32431f5cb4283dae7ebc
-
SHA256
00bb7b4c5723397a23971a3920b9a482d7ba3efcb2f197f9ebbc901d73ca2449
-
SHA512
adce48e66eda5f53a200e7dda1b7caf97e4bf20206340c03548a753ae8d590e83e4c9e44ce7028200766a6aa0570dcdc49d8346618b303f5b3ec61a701416de8
-
SSDEEP
12288:XMr2y900efLVwwENsuFLe4Oaab4MPH8J1oj8LubcPers2iT19siM7W:dy4DVHENs8uPH6t08EsZv9M7W
Static task
static1
Behavioral task
behavioral1
Sample
00bb7b4c5723397a23971a3920b9a482d7ba3efcb2f197f9ebbc901d73ca2449.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
00bb7b4c5723397a23971a3920b9a482d7ba3efcb2f197f9ebbc901d73ca2449.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
fud
193.233.20.27:4123
-
auth_value
cddc991efd6918ad5321d80dac884b40
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-