General

Target: ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08
Size: 1.2MB
Sample: 230318-el27nadb7s
MD5: 893babe736b158cbef86b6ecabff038a
SHA1: fddd3e5c4ce4360db81cd2578e1f509d19b44430
SHA256: ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08
SHA512: e7bc6f8a59054dc703e0117f5a544d58510b8eeeca3ee72e0e8ea255553da8479ae15f831ce4f908ff10e676a0bf9fa67201f8921d84c36701ede67686cbc82b
SSDEEP: 24576:QnLCqjLUI8q58upBK+vy+S2/Z8qqBrvDIV:QLNjLUd+bpBKqyc/GP
Static task: static1
Behavioral task: behavioral1
  Sample: ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08.exe
  Resource: win10v2004-20230220-en
Malware Config

Extracted family: redline
Botnet/campaign ID: mango
C2: 193.233.20.28:4125
auth_value: ecf79d7f5227d998a3501c972d915d23
Targets

Target: ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08
Score: 10/10

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
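The three behavioural signatures above (a dropped executable running, a Run key being written, and the beacon to the extracted C2) map directly onto host telemetry. The following is an added example, not part of the sandbox report or any Tria.ge tooling: a small detection pass that applies those behaviours plus the report's SHA256 and C2 indicators to Sysmon-style log lines. It assumes a key=value log layout with Sysmon event IDs 1 (process create), 3 (network connect) and 13 (registry value set), and it assumes the dropper writes its payload under the user's AppData directory; the log lines at the bottom are constructed for the example, not output from the analysed run.

```python
"""Detection pass for the behaviours listed in the RedLine report (added example).

Assumptions, not facts from the report:
  - logs are Sysmon-style 'Key=Value' lines with EventID 1 / 3 / 13
  - the dropped payload lives under C:\\Users\\<user>\\AppData\\...
  - the constructed SAMPLE_LOG below stands in for real telemetry
"""
import re
from dataclasses import dataclass

# Indicators taken from the report above.
C2_HOST = "193.233.20.28"
C2_PORT = 4125
SAMPLE_SHA256 = "ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08"

# Assumption: persistence lands in ...\CurrentVersion\Run or RunOnce (HKCU or HKLM).
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# Assumption: dropped executables live under the user's AppData tree.
USER_WRITABLE_RE = re.compile(r"^C:\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)
# Key=Value pairs; values may contain spaces, so a value ends at the next " Key=" boundary.
KV_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


@dataclass(frozen=True)
class Finding:
    rule: str
    image: str


def parse_event(line: str) -> dict:
    """Turn 'EventID=3 Image=C:\\x.exe DestinationIp=...' into a dict."""
    return {key: value for key, value in KV_RE.findall(line)}


def check_event(ev: dict) -> list[Finding]:
    """Apply the report-derived rules to one parsed event."""
    findings = []
    eid = ev.get("EventID")
    image = ev.get("Image", "")
    # Network connection to the extracted C2 endpoint.
    if (eid == "3" and ev.get("DestinationIp") == C2_HOST
            and ev.get("DestinationPort") == str(C2_PORT)):
        findings.append(Finding("redline_c2_connection", image))
    # Run key written, pointing at a binary in a user-writable location.
    if (eid == "13" and RUN_KEY_RE.search(ev.get("TargetObject", ""))
            and USER_WRITABLE_RE.match(ev.get("Details", ""))):
        findings.append(Finding("run_key_persistence", image))
    if eid == "1":
        # Process started from the drop directory.
        if USER_WRITABLE_RE.match(image):
            findings.append(Finding("dropped_exe_execution", image))
        # Exact match on the report's sample hash (Sysmon reports hashes upper-case).
        if SAMPLE_SHA256 in ev.get("Hashes", "").lower():
            findings.append(Finding("known_sample_hash", image))
    return findings


def scan(lines: list[str]) -> list[Finding]:
    """Run every line through the rules and collect the findings in order."""
    findings = []
    for line in lines:
        findings.extend(check_event(parse_event(line)))
    return findings


# Constructed log lines for this example; not from the sandbox run.
SAMPLE_LOG = [
    r"EventID=1 Image=C:\Users\victim\Downloads\ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08.exe ParentImage=C:\Windows\explorer.exe Hashes=SHA256=CE55E34A4F683B14C244EBAC4D6D3655E3B7E0370E6C13140E80919D19DCCD08",
    r"EventID=1 Image=C:\Users\victim\AppData\Local\Temp\dropped.exe ParentImage=C:\Users\victim\Downloads\ce55e34a4f683b14c244ebac4d6d3655e3b7e0370e6c13140e80919d19dccd08.exe",
    r"EventID=13 Image=C:\Users\victim\AppData\Local\Temp\dropped.exe TargetObject=HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\dropped Details=C:\Users\victim\AppData\Local\Temp\dropped.exe",
    r"EventID=3 Image=C:\Users\victim\AppData\Local\Temp\dropped.exe DestinationIp=193.233.20.28 DestinationPort=4125",
    r"EventID=3 Image=C:\Program Files\Mozilla Firefox\firefox.exe DestinationIp=203.0.113.10 DestinationPort=443",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f"{finding.rule:24s} {finding.image}")
```

The hash and C2 rules are exact-match indicators and will go stale as soon as the operator rebuilds or moves infrastructure; the Run-key and drop-directory rules encode the behaviour and are the ones worth keeping in a detection set, tuned to the profile paths your environment actually uses.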