General
-
Target
a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd.zip
-
Size
130KB
-
Sample
230328-nsa67aag28
-
MD5
37ff982cab67e09853fed83193320549
-
SHA1
f472d9a2b4f039cc6240cff9332aa26ab8d7bc0c
-
SHA256
7492380e2ce0aa0eb48e74fbea75227057fdc264a6540327cdb1689c5d49f18c
-
SHA512
4ef76098b5d447122427e465c0d29975bd335220bb38dd8273ecf3cfa5e3aa4a438b71f7190eca4fbd0c170ae48a252c2746cd28df6912cf4a47b581fdb3d74f
-
SSDEEP
3072:2orhzoS8Md/vvc3O5Vh7tsEgrXKIaFOnrkWbum/b9n3YvYFlDOBJS:2oVzYMdU4VvVIegcm/blYvcmJS
Behavioral task
behavioral1
Sample
a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
amazon
185.156.72.48:26464
-
auth_value
9132ba0b711dcd3607fc18072ecd46ef
Targets
-
Target
a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd
-
Size
337KB
-
MD5
683e329bc5b4fa71056f9ce6de0b50f9
-
SHA1
cfd1bc6574b112cbb4e5e572242b7fb341f7459c
-
SHA256
a18f6cf520e6789de67b030aa1a1ee4a625688b1ea956e07001d71e7dccc92fd
-
SHA512
19aafd110f267ade2c7ca8f872f1e4e27a398ab821937f241c6fb80d2f1e68bbb6ff2a67eeedd63e90f754f2bad37ebd967f4060ba16fd52c75a383f9505b478
-
SSDEEP
6144:HRY/IwBjjd6Mn2rm2X1Nl2eQ5iHCGcgTjRjI36fQWfva3RJB4i6R0wjnH:OR6gwAgHCGcgTjRjI36fQWfva3RJB4ia
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.