General
Target: 8b79a601c38c2f4eddd78a8ba9ecd81927631608676428a8d67ec97542b6d824
Size: 1.1MB
Sample: 230408-hwqs6acc25
MD5: 9854db2efa8978d46beb3f8ffcdd9b69
SHA1: 4db9c4501aa27929760c6aa57879d8610aac7f8d
SHA256: 8b79a601c38c2f4eddd78a8ba9ecd81927631608676428a8d67ec97542b6d824
SHA512: a5755ab308793154a638a3c062218b2b7839935cc73a648f831d163e509a0444170585b63dd974365799fdb160e8c32bfe4933cbbd62566863f8dbcf8a396724
SSDEEP: 24576:xfAWGVgUEf9R6E1iNQJKFzdHOOTc6nA9AcFn9gyCV5JNNBWUD:xfAWG6L1RP1iUKDOOT0793CTC
Static task: static1
Behavioral task: behavioral1
  Sample: 8b79a601c38c2f4eddd78a8ba9ecd81927631608676428a8d67ec97542b6d824.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 8b79a601c38c2f4eddd78a8ba9ecd81927631608676428a8d67ec97542b6d824.exe
  Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: mango
C2: 193.233.20.28:4125
auth_value: ecf79d7f5227d998a3501c972d915d23
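The extracted configuration above gives the one network indicator worth hunting for immediately: the C2 at 193.233.20.28 on TCP port 4125. The following is an added example, not code from the sandbox report or from Triage, showing how to sweep that indicator across connection telemetry in two common shapes, Zeek conn.log records and Sysmon Event ID 3 text. Every log line in the block is constructed for illustration; only the C2 address, port and auth_value come from the report. Matching on IP and port together, rather than IP alone, is deliberate: a single VPS address can host unrelated services, so a hit on port 443 from the same host is a weaker signal than one on the configured port.

```python
"""Sweep the RedLine C2 from the report above across connection logs.

Added example; not code from the sandbox report or from Triage. The C2 and
auth_value are the ones listed in the report; every log line below is
constructed for illustration.
"""
import re
from dataclasses import dataclass

# Values taken from the report's extracted configuration.
REDLINE_C2 = ("193.233.20.28", 4125)
REDLINE_AUTH_VALUE = "ecf79d7f5227d998a3501c972d915d23"

# Default Zeek conn.log column layout, used when no "#fields" header is seen.
ZEEK_FIELDS = ("ts", "uid", "id.orig_h", "id.orig_p", "id.resp_h", "id.resp_p", "proto")

# Sysmon Event ID 3 (network connection) rendered as key/value text.
SYSMON_RE = re.compile(
    r"SourceIp:\s*(?P<src>[\d.]+).*?DestinationIp:\s*(?P<dst>[\d.]+)"
    r".*?DestinationPort:\s*(?P<dport>\d+)"
)


@dataclass(frozen=True)
class Hit:
    line_no: int
    src: str
    dst: str
    dport: int
    fmt: str  # "zeek" or "sysmon"


def parse_zeek_line(line, fields):
    """Return (src, dst, dport) from one Zeek conn.log record, or None."""
    parts = line.rstrip("\n").split("\t")
    if len(parts) < len(fields):
        return None
    rec = dict(zip(fields, parts))
    try:
        return rec["id.orig_h"], rec["id.resp_h"], int(rec["id.resp_p"])
    except (KeyError, ValueError):
        return None


def parse_sysmon_line(line):
    """Return (src, dst, dport) from a Sysmon EID 3 text line, or None."""
    m = SYSMON_RE.search(line)
    if not m:
        return None
    return m.group("src"), m.group("dst"), int(m.group("dport"))


def find_c2_connections(lines, c2=REDLINE_C2):
    """Scan mixed-format log lines; return a Hit for each connection to c2."""
    c2_ip, c2_port = c2
    hits = []
    zeek_fields = ZEEK_FIELDS
    for n, line in enumerate(lines, start=1):
        if line.startswith("#fields"):
            zeek_fields = tuple(line.split("\t")[1:])  # honour the file's own layout
            continue
        if line.startswith("#") or not line.strip():
            continue
        parsed, fmt = None, None
        if "\t" in line:
            parsed, fmt = parse_zeek_line(line, zeek_fields), "zeek"
        if parsed is None:
            parsed, fmt = parse_sysmon_line(line), "sysmon"
        if parsed is None:
            continue
        src, dst, dport = parsed
        # Match IP *and* port: the same host may serve unrelated tenants/ports.
        if dst == c2_ip and dport == c2_port:
            hits.append(Hit(n, src, dst, dport, fmt))
    return hits


# Constructed sample telemetry (not from the report): one Zeek beacon, one
# Zeek connection to the same host on 443, one DNS lookup, one Sysmon event.
SAMPLE_LOGS = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1680944000.1\tCab1\t10.0.0.5\t49812\t193.233.20.28\t4125\ttcp",
    "1680944001.2\tCab2\t10.0.0.5\t49813\t193.233.20.28\t443\ttcp",
    "1680944002.3\tCab3\t10.0.0.7\t49814\t8.8.8.8\t53\tudp",
    "Network connection detected: Image: C:\\Users\\v\\AppData\\Roaming\\svc.exe "
    "SourceIp: 10.0.0.9 SourcePort: 50001 DestinationIp: 193.233.20.28 "
    "DestinationPort: 4125",
]

if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOGS):
        print(f"line {hit.line_no} [{hit.fmt}]: {hit.src} -> {hit.dst}:{hit.dport}")
```

The scan reports two hits on the constructed input (the Zeek beacon on line 2 and the Sysmon event on line 5) and ignores the 443 connection to the same address. In a real hunt, feed the function the conn.log and Sysmon exports line by line and pivot on the returned source addresses.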
Targets
Target: 8b79a601c38c2f4eddd78a8ba9ecd81927631608676428a8d67ec97542b6d824
Size: 1.1MB
MD5: 9854db2efa8978d46beb3f8ffcdd9b69
SHA1: 4db9c4501aa27929760c6aa57879d8610aac7f8d
SHA256: 8b79a601c38c2f4eddd78a8ba9ecd81927631608676428a8d67ec97542b6d824
SHA512: a5755ab308793154a638a3c062218b2b7839935cc73a648f831d163e509a0444170585b63dd974365799fdb160e8c32bfe4933cbbd62566863f8dbcf8a396724
SSDEEP: 24576:xfAWGVgUEf9R6E1iNQJKFzdHOOTc6nA9AcFn9gyCV5JNNBWUD:xfAWG6L1RP1iUKDOOT0793CTC
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
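The "Adds Run key to start application" signature is the persistence artefact a responder would check for on a suspect host. The report does not say which value name or path the sample wrote, so the following is an added example, not code from the report or from Triage: it parses a `.reg` export of the HKCU/HKLM Run and RunOnce keys and flags values whose launch command points into a user-writable directory such as AppData or Temp, where a dropped EXE typically lands. The registry export text is constructed for illustration; the value names in it are hypothetical. It assumes the export has already been decoded to text (Windows writes `.reg` files as UTF-16LE).

```python
"""Flag Run-key persistence that launches from user-writable paths.

Added example; not code from the sandbox report or from Triage. The .reg
text below is constructed; the report only states that the sample adds a
Run key, not which value name or path it used.
"""
import re

RUN_KEY_RE = re.compile(
    r"^\[(?P<hive>HKEY_CURRENT_USER|HKEY_LOCAL_MACHINE)\\"
    r"(?P<path>Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce))\]$",
    re.IGNORECASE,
)
# REG_SZ values in a .reg export: "Name"="data" with backslashes and quotes escaped.
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')

# Directories a non-admin user can write to. A launcher here is not malicious
# by itself, but a freshly added Run value pointing into one merits a look.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")


def parse_reg_export(text):
    """Yield (hive, key, value_name, data) for string values under Run/RunOnce."""
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry"):
            continue
        if line.startswith("["):
            m = RUN_KEY_RE.match(line)
            current = (m.group("hive"), m.group("path")) if m else None
            continue
        if current is None:
            continue  # value belongs to a key we do not care about
        m = VALUE_RE.match(line)
        if m:
            # Undo .reg escaping: "\\" -> "\" and "\"" -> '"'
            data = m.group("data").replace("\\\\", "\\").replace('\\"', '"')
            yield current[0], current[1], m.group("name"), data


def suspicious_run_values(text):
    """Return (hive, value_name, command) for Run values in user-writable paths."""
    out = []
    for hive, key, name, data in parse_reg_export(text):
        low = data.lower()
        if any(d in low for d in USER_WRITABLE):
            out.append((hive, name, data))
    return out


# Constructed .reg export (decoded to text). One benign vendor entry under
# Program Files, one hypothetical dropped launcher under %LOCALAPPDATA%\Temp.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\victim\\AppData\\Local\\Temp\\updater.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ShellState"=hex:24,00
'''

if __name__ == "__main__":
    for hive, name, cmd in suspicious_run_values(SAMPLE_REG):
        print(f"{hive}\\...\\Run  {name} = {cmd}")
```

On the constructed export only the `Updater` value is flagged, because its command resolves under `AppData\Local\Temp`; the OneDrive entry under Program Files passes. To use it for real, export the four keys with `reg export` on the host, decode the file from UTF-16LE, and pass the text to `suspicious_run_values`.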