General
Target: 00b60a149b0bd800b2156e7391e1b5cec4e5ed3a2cf0a30cae79896c5a27342c.bin
Size: 562KB
Sample: 230312-vdhfaage9t
MD5: fd52fc7ea3c250f84819c4c141dc8741
SHA1: d650d1ce1216a573a7084a02313e670d0c43c7fc
SHA256: 00b60a149b0bd800b2156e7391e1b5cec4e5ed3a2cf0a30cae79896c5a27342c
SHA512: e2617fa8b4bab1f27da7ea3f63ea319bf27480c59216d7c0fce41227d92bb67b893f5b6004e31bbee4954817279d4dcfc5609cfc5a4797e160e837f54db7141a
SSDEEP: 12288:9Mriy90RbphHar+91hNPsXKUvNyR2PPgtgDm:Hyabph6691TPsX5NqqPgtg6
Static task: static1
Behavioral task: behavioral1
Sample: 00b60a149b0bd800b2156e7391e1b5cec4e5ed3a2cf0a30cae79896c5a27342c.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 00b60a149b0bd800b2156e7391e1b5cec4e5ed3a2cf0a30cae79896c5a27342c.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
fud
193.233.20.27:4123
auth_value: cddc991efd6918ad5321d80dac884b40
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application