General
-
Target
4a06807be2bf55b95c1e26032f4308aa14ab90d692bafb6f1bd8d60f5ab33c7f
-
Size
1.2MB
-
Sample
230408-hvnx6scb75
-
MD5
8357a53503ae45c2bb1f5061d75979a3
-
SHA1
1258a8a8eeacf22a1522d9363ca20a6b03441fc9
-
SHA256
4a06807be2bf55b95c1e26032f4308aa14ab90d692bafb6f1bd8d60f5ab33c7f
-
SHA512
5698030143ba499e3680c942240cf5e0629a17be4331924dfc1cfc31d395f85bb7f5a383a22d50974158b5c65d3cfb30c58fa84b658c0e4f2b2552dedb1dfbf3
-
SSDEEP
24576:lnLCqjLUI8q58upBK+vy+S2/Z8qqBrvDIV:lLNjLUd+bpBKqyc/GP
Static task
static1
Behavioral task
behavioral1
Sample
4a06807be2bf55b95c1e26032f4308aa14ab90d692bafb6f1bd8d60f5ab33c7f.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
4a06807be2bf55b95c1e26032f4308aa14ab90d692bafb6f1bd8d60f5ab33c7f.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
mango
193.233.20.28:4125
-
auth_value
ecf79d7f5227d998a3501c972d915d23
Targets
-
-
Target
4a06807be2bf55b95c1e26032f4308aa14ab90d692bafb6f1bd8d60f5ab33c7f
-
Size
1.2MB
-
MD5
8357a53503ae45c2bb1f5061d75979a3
-
SHA1
1258a8a8eeacf22a1522d9363ca20a6b03441fc9
-
SHA256
4a06807be2bf55b95c1e26032f4308aa14ab90d692bafb6f1bd8d60f5ab33c7f
-
SHA512
5698030143ba499e3680c942240cf5e0629a17be4331924dfc1cfc31d395f85bb7f5a383a22d50974158b5c65d3cfb30c58fa84b658c0e4f2b2552dedb1dfbf3
-
SSDEEP
24576:lnLCqjLUI8q58upBK+vy+S2/Z8qqBrvDIV:lLNjLUd+bpBKqyc/GP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-