General
-
Target
34be396c201d9f1f273a1f5c69645f83f4f59842375aa859f74ee1d45c1c0d17
-
Size
539KB
-
Sample
230324-nq2lcsgb2y
-
MD5
05593528c655b7470418c5be3d568884
-
SHA1
c0121f6f07f5a415124df6631892e3a78c8e23ea
-
SHA256
34be396c201d9f1f273a1f5c69645f83f4f59842375aa859f74ee1d45c1c0d17
-
SHA512
7f1022a5d9067bf04ad2030f003cb5b867663e2dcb51d5476754e5a165d34c91121cf8eb7c9e7f97aa31e3242415d0e47947a57ad4d7cf428f226e6f17feb26d
-
SSDEEP
12288:2Mrly9047jsWI9wHZxs98ABBXs9UlQbCLd36nT2Z7smAtgf:nyZ7jsWI9wHfs9jBB3QId36nKZZAmf
Static task
static1
Behavioral task
behavioral1
Sample
34be396c201d9f1f273a1f5c69645f83f4f59842375aa859f74ee1d45c1c0d17.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
down
193.233.20.31:4125
-
auth_value
12c31a90c72f5efae8c053a0bd339381
Targets
Target
34be396c201d9f1f273a1f5c69645f83f4f59842375aa859f74ee1d45c1c0d17
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-