General
-
Target
ea7e4f34dfe29203c6f0a3e08e4fa01546378f4f7d76394bd9b99f87d94d8905.bin
-
Size
1.2MB
-
Sample
230507-j1e3wsag4x
-
MD5
738834f9303df4c0389a0aed898a091c
-
SHA1
824409db6a45be8a3bcbad5820b246a2b71130c1
-
SHA256
ea7e4f34dfe29203c6f0a3e08e4fa01546378f4f7d76394bd9b99f87d94d8905
-
SHA512
6e626d8eb9c9e824e0f4379f926c512089acc35a80b2b9132ee45260752834d2152b33273e788244b4d91dc47489ed79fb6ea07c93ebdf1186a574ad6a7e9e14
-
SSDEEP
24576:kyB+J0sVQ09bihUCswpQkK6fm/nTyAGxgJwWR7kupIvyYUIeuUrT:zYJ0b09PCsFZ/uAGmwWRQuevyXIeuM
Static task
static1
Behavioral task
behavioral1
Sample
ea7e4f34dfe29203c6f0a3e08e4fa01546378f4f7d76394bd9b99f87d94d8905.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ea7e4f34dfe29203c6f0a3e08e4fa01546378f4f7d76394bd9b99f87d94d8905.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Extracted
redline
life
185.161.248.73:4164
-
auth_value
8685d11953530b68ad5ec703809d9f91
Targets
Target
ea7e4f34dfe29203c6f0a3e08e4fa01546378f4f7d76394bd9b99f87d94d8905.bin
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-