General
Target: 95b68c3888c89d042ed27e639e0555e0b3a8262ab68a1a72af461493662d4450
Size: 683KB
Sample: 230328-jgpszsbd9s
MD5: 862ffcc71d63e85e41df1391986aa0d4
SHA1: 71b06733086f137ffa35bdcf4a0b946970f0ceb4
SHA256: 95b68c3888c89d042ed27e639e0555e0b3a8262ab68a1a72af461493662d4450
SHA512: 858ee48ad232016f894bc9de06bde22878118f9bd4d14ec1dc68734826f8b604d64bec3dc1c4707f4d52e591cb73647190fda0d5a89dd5b6e766ab85b4751945
SSDEEP: 12288:kMr2y908oVrr2ULs7H1xMH0rxOzPNvh8pUPVmvL3ILJQ:iyEno1KH0rEJh8pAmvL4u
Static task: static1
Behavioral task: behavioral1
Sample: 95b68c3888c89d042ed27e639e0555e0b3a8262ab68a1a72af461493662d4450.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
rosn
176.113.115.145:4125
auth_value: 050a19e1db4d0024b0f23b37dcf961f4
Targets
Target: 95b68c3888c89d042ed27e639e0555e0b3a8262ab68a1a72af461493662d4450
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application