General
Target: e1d09448f87493ceb0415282bb721cc5cf5dd62e17da81fa827cf8e8a1d1ec0d
Size: 680KB
Sample: 230324-nth87agb4v
MD5: 35188df297ad2332843a5dfd1d22c1c8
SHA1: 805e5fe0814e098cb44ae677e9869ec8c0f25818
SHA256: e1d09448f87493ceb0415282bb721cc5cf5dd62e17da81fa827cf8e8a1d1ec0d
SHA512: ae32b035c29816030fdc47902c86c39203632cc50cb9c38946ee956e232348779ae08b5e6c15627ab55619095f161fa2d1362454df7afc7631173234d679edb5
SSDEEP: 12288:VmMzFXFWH+sb7gsOV4Fcie32MPCXBCL2y/EArnF7mUeqlBCKVO2Ri:J2HD26KieG1Xs/E6F7mJqlBCKHI
Static task: static1
Behavioral task: behavioral1
Sample: e1d09448f87493ceb0415282bb721cc5cf5dd62e17da81fa827cf8e8a1d1ec0d.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
down
193.233.20.31:4125
auth_value: 12c31a90c72f5efae8c053a0bd339381
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application