General
Target: 0023ba22d9ea5a6a6ca0c8c456d4bda593e9c572b1a6f57f44a0126254795ee6.bin
Size: 525KB
Sample: 230311-2mk14abf23
MD5: a964adab8136ef1da5a4cc47f17a3d84
SHA1: 308c8f3a0d27d392e2f864e8e7104c9fe8028496
SHA256: 0023ba22d9ea5a6a6ca0c8c456d4bda593e9c572b1a6f57f44a0126254795ee6
SHA512: f1ef543180cbfdcdc20136fdf28e63a8b4035d7508f83964b0969f849fb75bfe3417fdda1f7519f6cbebb2789698d00fff7ec360f007cb0c4aea2b3ae2da4fff
SSDEEP: 12288:+MrEy90Ik713I84pjWAaAsMzROc6PCvfj3wtgWX3:CydktIPpzZUtgWX3
Static task: static1
Behavioral task: behavioral1
Sample: 0023ba22d9ea5a6a6ca0c8c456d4bda593e9c572b1a6f57f44a0126254795ee6.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 0023ba22d9ea5a6a6ca0c8c456d4bda593e9c572b1a6f57f44a0126254795ee6.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
fud
193.233.20.27:4123
auth_value: cddc991efd6918ad5321d80dac884b40
Targets
Target: 0023ba22d9ea5a6a6ca0c8c456d4bda593e9c572b1a6f57f44a0126254795ee6.bin
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application