General

Target: e6ca7be8e641224ea5c333b0dc61a3ae0f1f4a1b4b8a3be041c70f4957b74258
Size: 1.2MB
Sample: 230318-mrx4wsca23
MD5: 70f013886028df222e4951090e8d5e14
SHA1: 1b831d4e49406157a5cf85f6063ffa6d7918002e
SHA256: e6ca7be8e641224ea5c333b0dc61a3ae0f1f4a1b4b8a3be041c70f4957b74258
SHA512: 60ab6fd19c1f918c772275b3a1b5d0db4e79b2261c6f38f361e5decfe11e242e6f095f061a71e274dcedcf6b766310a5be64ce716d79ecd1aaac31c598efac00
SSDEEP: 24576:LLqRgL+yBbTGv9bti2okQsRVs+CkD8r49sIH:L2RoOF42okQswM
Static task: static1
Behavioral task: behavioral1
Sample: e6ca7be8e641224ea5c333b0dc61a3ae0f1f4a1b4b8a3be041c70f4957b74258.exe
Resource: win10v2004-20230220-en
Malware Config

Extracted (family: redline)
Botnet: mango
C2: 193.233.20.28:4125
auth_value: ecf79d7f5227d998a3501c972d915d23
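The hashes and the extracted C2 above are the indicators an analyst actually reuses. The following script is an added example, not part of the Triage report: it takes only the hash values and the C2 host:port from the report, verifies whether a local file is this exact sample, and scans a Zeek-style conn.log for contact with the C2. The conn.log lines are constructed for the example; the field layout, column names and flow records are assumptions, not data from the report.

```python
# Added example, not part of the Triage report above. Only the hash values
# and the C2 host:port are taken from the report; the conn.log excerpt below
# is constructed for this example and its field layout is an assumption.
import hashlib

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "70f013886028df222e4951090e8d5e14",
    "sha1": "1b831d4e49406157a5cf85f6063ffa6d7918002e",
    "sha256": "e6ca7be8e641224ea5c333b0dc61a3ae0f1f4a1b4b8a3be041c70f4957b74258",
    "sha512": (
        "60ab6fd19c1f918c772275b3a1b5d0db4e79b2261c6f38f361e5decfe11e242e"
        "6f095f061a71e274dcedcf6b766310a5be64ce716d79ecd1aaac31c598efac00"
    ),
}
C2_HOST = "193.233.20.28"
C2_PORT = 4125


def file_digests(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of the given bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only when every digest equals the report's value.

    SSDEEP is deliberately left out: it is a fuzzy hash compared by
    similarity score with the ssdeep library, not by string equality.
    """
    return file_digests(data) == REPORT_HASHES


# Constructed Zeek-style conn.log excerpt (tab-separated). The second flow
# reaches the extracted C2 on its configured port; the third reaches the
# same host on a different port and is only caught with strict_port=False.
SAMPLE_CONN_LOG = "\n".join([
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1679140001.1\tCabc1\t10.0.0.5\t51000\t142.250.74.78\t443\ttcp",
    "1679140002.2\tCabc2\t10.0.0.5\t51001\t193.233.20.28\t4125\ttcp",
    "1679140003.3\tCabc3\t10.0.0.9\t51002\t193.233.20.28\t80\ttcp",
    "1679140004.4\tCabc4\t10.0.0.5\t51003\t8.8.8.8\t53\tudp",
])


def find_c2_connections(log_text: str, host: str = C2_HOST,
                        port: int = C2_PORT, strict_port: bool = True) -> list:
    """Return (ts, orig_h, resp_p) for each flow whose responder is the C2.

    strict_port=True matches only the extracted port; use strict_port=False
    when hunting, to also surface the same host on any other port.
    """
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        ts, _uid, orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if resp_h != host:
            continue
        if strict_port and int(resp_p) != port:
            continue
        hits.append((ts, orig_h, int(resp_p)))
    return hits


if __name__ == "__main__":
    import sys
    # Usage: python check_iocs.py [file ...]  (file paths are optional)
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            verdict = "matches report" if matches_report(fh.read()) else "no match"
        print(path, verdict)
    for hit in find_c2_connections(SAMPLE_CONN_LOG, strict_port=False):
        print("C2 contact:", hit)
```

The exact-hash check only proves you hold this specific build; a repacked RedLine sample with the same botnet name and C2 will not match any of the four digests, which is why the network indicator is the one worth keeping in detection content.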
Targets

Target: e6ca7be8e641224ea5c333b0dc61a3ae0f1f4a1b4b8a3be041c70f4957b74258 (size and hashes as listed under General above)
Score: 10/10

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload
Executes dropped EXE (runs a file the sample wrote to disk)
Adds Run key to start application (persistence via a Windows Run registry key)