General
-
Target
86f6fe092085165c3bcf8514074d22ded445641ea33cc3a22a018819719eecbb
-
Size
697KB
-
Sample
230328-ms32jaae42
-
MD5
7aa2b85a1c85f1d54c81fc54c2703bae
-
SHA1
153c0fbf16cc1afc794c98bb97a306208189d62a
-
SHA256
86f6fe092085165c3bcf8514074d22ded445641ea33cc3a22a018819719eecbb
-
SHA512
70330026e3e152438753a47c07c45c3f76530b35b9855f101ff68e4d32c14ac95f46f00f80ade6fabe5c36ca1849b07203e4735ae5ac1caf865246269c331eeb
-
SSDEEP
12288:kMrky90CcA3VYH2KhR0jdZViGPHv88M3FgPL64jGjUAxI9gymv3Xg:QyTYHrqBZVNvv88QKrGjtI9hy3Q
Static task
static1
Behavioral task
behavioral1
Sample
86f6fe092085165c3bcf8514074d22ded445641ea33cc3a22a018819719eecbb.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
rosn
176.113.115.145:4125
-
auth_value
050a19e1db4d0024b0f23b37dcf961f4
Targets
-
-
Target
86f6fe092085165c3bcf8514074d22ded445641ea33cc3a22a018819719eecbb
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-