General
-
Target
bc33a029093cf0e66f59202761b462f52da8e944337242dc8f7037a8c204cbe8
-
Size
979KB
-
Sample
230411-nyjeracb83
-
MD5
abec0f609a00ae4c26fc3d0adbcb483a
-
SHA1
03b6d03c8dbe780f5cea4b988e96b17b2e972113
-
SHA256
bc33a029093cf0e66f59202761b462f52da8e944337242dc8f7037a8c204cbe8
-
SHA512
0d7b928f115d979ed373c8e442beb85d51c5fb5c5bbdcb916e853c3656453cdbf70f051ff00e8a49a659aa86433067d2038a0577097a1e94d221c9f711da2a79
-
SSDEEP
24576:+yhkooR3RxPDgnmbt2aAWXD5WRTorGol5Nf:NhkoO/bTxD5LKol5
Static task
static1
Behavioral task
behavioral1
Sample
bc33a029093cf0e66f59202761b462f52da8e944337242dc8f7037a8c204cbe8.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
rosn
176.113.115.145:4125
-
auth_value
050a19e1db4d0024b0f23b37dcf961f4
Targets
-
-
Target
bc33a029093cf0e66f59202761b462f52da8e944337242dc8f7037a8c204cbe8
-
Size
979KB
-
MD5
abec0f609a00ae4c26fc3d0adbcb483a
-
SHA1
03b6d03c8dbe780f5cea4b988e96b17b2e972113
-
SHA256
bc33a029093cf0e66f59202761b462f52da8e944337242dc8f7037a8c204cbe8
-
SHA512
0d7b928f115d979ed373c8e442beb85d51c5fb5c5bbdcb916e853c3656453cdbf70f051ff00e8a49a659aa86433067d2038a0577097a1e94d221c9f711da2a79
-
SSDEEP
24576:+yhkooR3RxPDgnmbt2aAWXD5WRTorGol5Nf:NhkoO/bTxD5LKol5
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-