General
Target: c1f873f35cbce0f4dde0cc7b5443640afe773a01a405ef528c4313dc45ebcfb9
Size: 1.2MB
Sample: 230318-ew9dqabb98
MD5: 845363fa6f2c1757697c6ae084fdc7e6
SHA1: b43095dcf1a306b67a8a235f663e248a07d43231
SHA256: c1f873f35cbce0f4dde0cc7b5443640afe773a01a405ef528c4313dc45ebcfb9
SHA512: f456918bc74bf58c044f23c881509fe6b458cec2780f40338558fcf9448882221b36f3d9c051c4fe8f488c1d5903234d3a8d64baaa941e39191662acba1fe1cc
SSDEEP: 24576:onLCqjLUI8q58upBK+vy+S2/Z8qqBrvDIV:oLNjLUd+bpBKqyc/GP
Static task: static1
Behavioral task: behavioral1
Sample: c1f873f35cbce0f4dde0cc7b5443640afe773a01a405ef528c4313dc45ebcfb9.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted
redline
mango
193.233.20.28:4125
auth_value: ecf79d7f5227d998a3501c972d915d23
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application