General

Target: d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a
Size: 1.0MB
Sample: 230408-hx4reacc59
MD5: 0cd3b3aa3f1a182f3a7502be7966039c
SHA1: a495ff5d0c71f1c0a7a7b4b91254cce5c6815d93
SHA256: d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a
SHA512: 5fde1e64065e0af693c99a24384eb9844c4b7d41f8da6cbe2e4e1b91fbe623bc866bd7eba1f716b6584deb05813134bd9cb4855749193919e1831cababdc9af9
SSDEEP: 24576:SusZZe3gfRLVp2b8vnI0zGHHRBx6i7O7evx:Sus+3gfRJUcnwH0i7aM
Static task: static1

Behavioral task: behavioral1
  Sample: d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a.exe
  Resource: win7-20230220-en

Behavioral task: behavioral2
  Sample: d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a.exe
  Resource: win10v2004-20230220-en
Malware Config

Extracted family: redline
Botnet (campaign ID): mango
C2: 193.233.20.28:4125
auth_value: ecf79d7f5227d998a3501c972d915d23

The C2 address and port are the actionable network indicators; the botnet name and auth_value identify the operator's campaign and are useful for clustering other samples that share them.
Targets

Target: d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a
Size: 1.0MB
MD5, SHA1, SHA256, SHA512, SSDEEP: as listed under General above
Score: 10/10
Detected family: RedLine

RedLine Stealer is an information stealer written in C# (.NET), first seen in early 2020. It harvests browser credentials, cookies, and saved form data, cryptocurrency wallets, and basic system information, and sends them to the configured C2.

Signatures matched:
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application

Taken together, the last three signatures describe the sample writing a second executable (and a DLL) to disk, running them, and registering the dropped file under a Run key so it starts again at logon.
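As an added example that is not part of the sandbox report, the indicators above (the extracted C2 address and port, the sample's hashes, and the Run-key persistence behaviour) can be turned into a small hunting script over exported Sysmon-style telemetry. The JSON event lines, the rule names, and the list of user-writable directories are constructed for this example; only the C2 endpoint and the hash values come from the report.

```python
import json
import re

# Indicators copied from the report above: the extracted RedLine C2 and the
# sample's file hashes (SHA512 and ssdeep are omitted; endpoint telemetry
# normally carries MD5/SHA1/SHA256 only).
C2_IP, C2_PORT = "193.233.20.28", 4125
SAMPLE_HASHES = {
    "MD5": "0cd3b3aa3f1a182f3a7502be7966039c",
    "SHA1": "a495ff5d0c71f1c0a7a7b4b91254cce5c6815d93",
    "SHA256": "d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a",
}

# Registry autostart locations behind the "Adds Run key" signature.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.IGNORECASE)
# Directories a non-admin process can write to. This list is an assumption of
# the example, chosen because dropped stealers usually land in one of them.
USER_WRITABLE_RE = re.compile(
    r"^[a-z]:\\(users\\[^\\]+\\(appdata|downloads|desktop|documents)|programdata|windows\\temp)\\",
    re.IGNORECASE,
)
HASH_FIELD_RE = re.compile(r"(MD5|SHA1|SHA256)=([0-9a-f]+)", re.IGNORECASE)

# Constructed Sysmon-style events (1 = process create, 3 = network connect,
# 13 = registry value set) as JSON Lines. These are made up for the example and
# are not telemetry from the sandbox runs.
SAMPLE_EVENTS = r"""
{"EventID":1,"Image":"C:\\Users\\victim\\AppData\\Local\\Temp\\payload.exe","Hashes":"MD5=0cd3b3aa3f1a182f3a7502be7966039c,SHA256=d63df2ddd4f2ae5f3b4cba171ddaa6182c5177b8942cf623db25099063ab493a"}
{"EventID":3,"Image":"C:\\Users\\victim\\AppData\\Local\\Temp\\payload.exe","DestinationIp":"193.233.20.28","DestinationPort":4125}
{"EventID":3,"Image":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","DestinationIp":"193.233.20.28","DestinationPort":443}
{"EventID":3,"Image":"C:\\Windows\\System32\\svchost.exe","DestinationIp":"93.184.216.34","DestinationPort":443}
{"EventID":13,"Image":"C:\\Users\\victim\\AppData\\Local\\Temp\\payload.exe","TargetObject":"HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater","Details":"C:\\Users\\victim\\AppData\\Roaming\\Updater\\svc.exe"}
{"EventID":13,"Image":"C:\\Windows\\System32\\msiexec.exe","TargetObject":"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorAgent","Details":"C:\\Program Files\\Vendor\\agent.exe"}
"""


def classify(event):
    """Return (rule, severity, evidence) if the event matches an indicator, else None."""
    eid = event.get("EventID")
    if eid == 1:
        # Sysmon writes hashes as "ALG=hex,ALG=hex"; compare each against the report.
        seen = {m.group(1).upper(): m.group(2).lower()
                for m in HASH_FIELD_RE.finditer(event.get("Hashes", ""))}
        matched = [alg for alg, digest in SAMPLE_HASHES.items() if seen.get(alg) == digest]
        if matched:
            return ("known_redline_sample", "high", ",".join(matched))
    elif eid == 3:
        ip, port = event.get("DestinationIp"), int(event.get("DestinationPort", 0))
        if ip == C2_IP and port == C2_PORT:
            return ("redline_c2_connect", "high", f"{ip}:{port}")
        if ip == C2_IP:
            # Same host, different port: worth a look, but RedLine's port is 4125.
            return ("redline_c2_host_other_port", "medium", f"{ip}:{port}")
    elif eid == 13:
        target, details = event.get("TargetObject", ""), event.get("Details", "")
        if RUN_KEY_RE.search(target):
            if USER_WRITABLE_RE.match(details):
                return ("run_key_user_writable_path", "high", details)
            return ("run_key_set", "low", details)
    return None


def triage(jsonl):
    """Run classify() over JSON-Lines telemetry and collect the findings in order."""
    findings = []
    for line in jsonl.strip().splitlines():
        event = json.loads(line)
        hit = classify(event)
        if hit:
            rule, severity, evidence = hit
            findings.append({"rule": rule, "severity": severity,
                             "image": event.get("Image", ""), "evidence": evidence})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"[{f['severity']:6}] {f['rule']:28} {f['image']}  {f['evidence']}")
```

Feed it real Sysmon events exported as one JSON object per line and the three rule groups map directly onto the report: the hash rule finds the original dropper, the network rule finds the C2 beacon, and the Run-key rule surfaces the persistence entry, with a higher severity when the registered path sits in a user-writable directory, which is where a dropped RedLine binary is expected rather than under Program Files.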