General
Target: 0170c722261c494ccf2b871ca1011680ad11759db14936ba3bd0941a9233997b.bin
Size: 557KB
Sample: 230311-25bkdabg45
MD5: 0209582fbd5345aff1b97ac70407b97f
SHA1: dfab2ca620ed3261c2877a8ffe69b0ef590f7eb8
SHA256: 0170c722261c494ccf2b871ca1011680ad11759db14936ba3bd0941a9233997b
SHA512: cba788e2e9d822ffaa96cd88d9ff68695913b3594a18855b160800dcd667e8a57e4ed7aada1dfa82e0573a85e5af9ac7e4be51a4364f463de2f32fd14f6810df
SSDEEP: 12288:pMrFy902JZic3F6gBcLP/6+hjT5zW7foehM2hqs5p7Afvi1:Ay3Zn3F6gGC+5FWbdMeD5Ug
Static task: static1
Behavioral task: behavioral1
  Sample: 0170c722261c494ccf2b871ca1011680ad11759db14936ba3bd0941a9233997b.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 0170c722261c494ccf2b871ca1011680ad11759db14936ba3bd0941a9233997b.exe
  Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
fud
193.233.20.27:4123
auth_value: cddc991efd6918ad5321d80dac884b40
Targets
Target: 0170c722261c494ccf2b871ca1011680ad11759db14936ba3bd0941a9233997b.bin
Size: 557KB
MD5: 0209582fbd5345aff1b97ac70407b97f
SHA1: dfab2ca620ed3261c2877a8ffe69b0ef590f7eb8
SHA256: 0170c722261c494ccf2b871ca1011680ad11759db14936ba3bd0941a9233997b
SHA512: cba788e2e9d822ffaa96cd88d9ff68695913b3594a18855b160800dcd667e8a57e4ed7aada1dfa82e0573a85e5af9ac7e4be51a4364f463de2f32fd14f6810df
SSDEEP: 12288:pMrFy902JZic3F6gBcLP/6+hjT5zW7foehM2hqs5p7Afvi1:Ay3Zn3F6gGC+5FWbdMeD5Ug
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application