General
-
Target
e48e2b63852f1c9912c9020430b69a8af4e972a36772a75f4b4072882a45009d
-
Size
701KB
-
Sample
230327-t9f2nagd5z
-
MD5
95317174f79d9763d85a42482e2e5dde
-
SHA1
bb521d2cde9f4467d322d26ecc4098b87497438f
-
SHA256
e48e2b63852f1c9912c9020430b69a8af4e972a36772a75f4b4072882a45009d
-
SHA512
a470386bff66cacc6acf9f543c273fcfc29ff7a4a43924257ed785406bc68eaf362703aa3455a179304b48413855b3803dcd6cee37998ded43f64bdd2c77968e
-
SSDEEP
12288:mMrLy90hJfkB34RqhO16MiFD0Ljst09PbkxSDqBRvouEEVgh:NyMJf2Nhw6rwLjfjqbEEVgh
Static task
static1
Behavioral task
behavioral1
Sample
e48e2b63852f1c9912c9020430b69a8af4e972a36772a75f4b4072882a45009d.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
sony
193.233.20.33:4125
-
auth_value
1d93d1744381eeb4fcfd7c23ffe0f0b4
Targets
-
-
Target
e48e2b63852f1c9912c9020430b69a8af4e972a36772a75f4b4072882a45009d
-
Size
701KB
-
MD5
95317174f79d9763d85a42482e2e5dde
-
SHA1
bb521d2cde9f4467d322d26ecc4098b87497438f
-
SHA256
e48e2b63852f1c9912c9020430b69a8af4e972a36772a75f4b4072882a45009d
-
SHA512
a470386bff66cacc6acf9f543c273fcfc29ff7a4a43924257ed785406bc68eaf362703aa3455a179304b48413855b3803dcd6cee37998ded43f64bdd2c77968e
-
SSDEEP
12288:mMrLy90hJfkB34RqhO16MiFD0Ljst09PbkxSDqBRvouEEVgh:NyMJf2Nhw6rwLjfjqbEEVgh
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-