General
-
Target
f77f9861e658ca8b07a80439861af436d2b7e2b852ed7f32c1ad0e5926585812
-
Size
685KB
-
Sample
230328-j14q9abe7x
-
MD5
bc06d9a5ca6f8b1f80b0bd25eab15683
-
SHA1
4c5fd9b810eeb4b7da071a54a0f6bc8e5141b8b9
-
SHA256
f77f9861e658ca8b07a80439861af436d2b7e2b852ed7f32c1ad0e5926585812
-
SHA512
61fbcd003bb6f97abb9741e3195b85eb94d68ca2855970aeb9174b204ff59eb6db5b588d46cc61a7502991ffe46b0f126c044c86043680ad618ca0299fccdd0f
-
SSDEEP
12288:oMr0y90g4Q3OVLiSH6yjMGRwR5XQydUDtmiL3RG2KkN:8yTh3OVumjMcI5TsmiLsk
Static task
static1
Behavioral task
behavioral1
Sample
f77f9861e658ca8b07a80439861af436d2b7e2b852ed7f32c1ad0e5926585812.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
rosn
176.113.115.145:4125
-
auth_value
050a19e1db4d0024b0f23b37dcf961f4
Targets
-
-
Target
f77f9861e658ca8b07a80439861af436d2b7e2b852ed7f32c1ad0e5926585812
-
Size
685KB
-
MD5
bc06d9a5ca6f8b1f80b0bd25eab15683
-
SHA1
4c5fd9b810eeb4b7da071a54a0f6bc8e5141b8b9
-
SHA256
f77f9861e658ca8b07a80439861af436d2b7e2b852ed7f32c1ad0e5926585812
-
SHA512
61fbcd003bb6f97abb9741e3195b85eb94d68ca2855970aeb9174b204ff59eb6db5b588d46cc61a7502991ffe46b0f126c044c86043680ad618ca0299fccdd0f
-
SSDEEP
12288:oMr0y90g4Q3OVLiSH6yjMGRwR5XQydUDtmiL3RG2KkN:8yTh3OVumjMcI5TsmiLsk
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-