General
Target: 5ffe8227bd2483e9ec9278a6476b126eed063681aa1663076594709e1f3b0672.bin
Size: 875KB
Sample: 230507-c32lcaef98
MD5: 4f2c119bfc7b5ca41b34c44790696ba2
SHA1: ceb15c60a21446f38869a0ca33d91c5a5d01f1f6
SHA256: 5ffe8227bd2483e9ec9278a6476b126eed063681aa1663076594709e1f3b0672
SHA512: 13a9e17dc10f5933e3f505c6b9887d0e92ae967e78648a1c964a935967a0fe6e45333ccbabf7ae365d9a5980504ca6915a43820bb022dd3a50c9ed362e247c20
SSDEEP: 24576:SyBhwccNEWQZZKIGXx4/ohINgf1xCGawD5I4:5BhwJtQZkTX0qImfmGft
Static task: static1
Behavioral task: behavioral1
Sample: 5ffe8227bd2483e9ec9278a6476b126eed063681aa1663076594709e1f3b0672.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 5ffe8227bd2483e9ec9278a6476b126eed063681aa1663076594709e1f3b0672.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
auth_value: d05bf43eef533e262271449829751d07
Extracted
redline
dark
185.161.248.73:4164
auth_value: ae85b01f66afe8770afeed560513fc2d
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application