General
-
Target
e5111c6533c0009b6277702edb5e569a22e7c9ff85d08c227a2ada62a5e73d96
-
Size
708KB
-
Sample
230411-nyd52adh4s
-
MD5
66ba1ecd2f68a65a2fe5204d48967cd3
-
SHA1
34bb218ff4ad2ef317ad130849a6848af4479b56
-
SHA256
e5111c6533c0009b6277702edb5e569a22e7c9ff85d08c227a2ada62a5e73d96
-
SHA512
9c8ec2a613182c79d224ab05523dc8c4be534f89ac2c4d61b64653af3d5c5c51080b99e3fea12486d0dbc8dba23397c724de9b20e2a860a30a2626a98bebe132
-
SSDEEP
12288:3Mrkay90D0TW3T1xA1yefJchDYvKuTULm/tRixa24jc+J3z7OUqpdU1U6:eyKxmy42BY8SRyabjVQPI
Static task
static1
Behavioral task
behavioral1
Sample
e5111c6533c0009b6277702edb5e569a22e7c9ff85d08c227a2ada62a5e73d96.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
rosn
176.113.115.145:4125
-
auth_value
050a19e1db4d0024b0f23b37dcf961f4
Targets
-
-
Target
e5111c6533c0009b6277702edb5e569a22e7c9ff85d08c227a2ada62a5e73d96
-
Size
708KB
-
MD5
66ba1ecd2f68a65a2fe5204d48967cd3
-
SHA1
34bb218ff4ad2ef317ad130849a6848af4479b56
-
SHA256
e5111c6533c0009b6277702edb5e569a22e7c9ff85d08c227a2ada62a5e73d96
-
SHA512
9c8ec2a613182c79d224ab05523dc8c4be534f89ac2c4d61b64653af3d5c5c51080b99e3fea12486d0dbc8dba23397c724de9b20e2a860a30a2626a98bebe132
-
SSDEEP
12288:3Mrkay90D0TW3T1xA1yefJchDYvKuTULm/tRixa24jc+J3z7OUqpdU1U6:eyKxmy42BY8SRyabjVQPI
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-