General
Target: 67cb24408b08e62617b1145edb377b371561e7cf98a82e423b574ce1a88c187b
Size: 1.2MB
Sample: 230318-nrxzkaeb81
MD5: 60572a9a832d3b1df012e35326567834
SHA1: a182a00be335f37e8f4a1a494ea7bd7379e48db1
SHA256: 67cb24408b08e62617b1145edb377b371561e7cf98a82e423b574ce1a88c187b
SHA512: edbe301bf20573119e573d25b26326fae67a9be5e46e4a07266b8ec785148e741f7a2e9ab8b89c0f15b281cd2106087d23344496643f6f4e9771ed57fa63bb48
SSDEEP: 24576:zLqRgL+yBbTGv9bti2okQsRVs+CkD8r49sIH:z2RoOF42okQswM
Static task: static1
Behavioral task: behavioral1
Sample: 67cb24408b08e62617b1145edb377b371561e7cf98a82e423b574ce1a88c187b.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
mango
193.233.20.28:4125
auth_value: ecf79d7f5227d998a3501c972d915d23
Targets
Target: 67cb24408b08e62617b1145edb377b371561e7cf98a82e423b574ce1a88c187b
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application