General
Target
ad6c606d3b511b51388c6c80565ae57481b238ae21fc13ff974d9271d952eb00
Size
1.2MB
Sample
230507-gdv5gsfb5z
MD5
eea46405f5a1bbbeb886dafd09ddd5de
SHA1
b536458cd90782e11b6a9574c501bb3ded1ccac2
SHA256
ad6c606d3b511b51388c6c80565ae57481b238ae21fc13ff974d9271d952eb00
SHA512
d8e1e0a133e50d732aa46e4e9512005dea66c1472764b0ece11e845985e66d90cbbac5dac63c2a12483f447be33b6cf4fba579476a897d056db8fb31f3180de3
SSDEEP
24576:By4B8VrurNCyQi6tBitL5FKQkvttze2eG1s4jBkbQiVE1:04B85OAyQ7CLbKJO27g1+
Static task
static1
Behavioral task
behavioral1
Sample
ad6c606d3b511b51388c6c80565ae57481b238ae21fc13ff974d9271d952eb00.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ad6c606d3b511b51388c6c80565ae57481b238ae21fc13ff974d9271d952eb00.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
lisa
185.161.248.73:4164
auth_value
c2dc311db9820012377b054447d37949
Targets
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application