General
Target: 9db89ee5936d4cae0e3dfd2db544843af796bf43e5a00768e00d2ed6f6127525.bin
Size: 1.2MB
Sample: 230505-xb16qagd8x
MD5: ba90928dd8042ee77e5df1b93e40274f
SHA1: 132a70a0120715c225ca9430a899681e96393400
SHA256: 9db89ee5936d4cae0e3dfd2db544843af796bf43e5a00768e00d2ed6f6127525
SHA512: 52f5fef81010206dee074d47abaaf694e1d5cd127a512fa5c74ae830ce58eef7c31a24a721fa811a3bdb1d2bfa9fc164768b1fcc875bd13f7f61f6a1d78c7a13
SSDEEP: 24576:IydZDVti4OzGfmKfb3hZHlK+OHFvsDUgVfodjAwzj3/wXlsJQoW/8L:PdpVti46OnT3XHlPOHJ+XVfmpjvw1smo
Static task: static1
Behavioral task: behavioral1
  Sample: 9db89ee5936d4cae0e3dfd2db544843af796bf43e5a00768e00d2ed6f6127525.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 9db89ee5936d4cae0e3dfd2db544843af796bf43e5a00768e00d2ed6f6127525.exe
  Resource: win10v2004-20230221-en
Malware Config
Extracted (family: redline, botnet: gena)
  C2: 185.161.248.73:4164
  auth_value: d05bf43eef533e262271449829751d07
Extracted (family: redline, botnet: life)
  C2: 185.161.248.73:4164
  auth_value: 8685d11953530b68ad5ec703809d9f91
Targets
Target: 9db89ee5936d4cae0e3dfd2db544843af796bf43e5a00768e00d2ed6f6127525.bin
Size: 1.2MB
Score: 10/10
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application