General
-
Target
df3c5dcfcf374a5a410dea7fddfc119489ce1425abb1f05b944223b48bcf8679
-
Size
890KB
-
Sample
230507-jgzyysgf3w
-
MD5
992b76f941ba8c766d32a4d3f9cad057
-
SHA1
06eeea44a2b10728c8fe26173438a5dd54c0394f
-
SHA256
df3c5dcfcf374a5a410dea7fddfc119489ce1425abb1f05b944223b48bcf8679
-
SHA512
39d59988e8f01f49aa670204e46fe8d1f3629f1fae5810f646bbb6ed8667f8bd4073502fb7048e53c178cfae0829d899d5f30ce4d5e0a1022537fc4531e59367
-
SSDEEP
24576:typkLYKK2ByJ1N3nrRVAKkjHqy2/CvETqhlB47aYRk:IpabCN3r8iqfB42YR
Static task
static1
Behavioral task
behavioral1
Sample
df3c5dcfcf374a5a410dea7fddfc119489ce1425abb1f05b944223b48bcf8679.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
df3c5dcfcf374a5a410dea7fddfc119489ce1425abb1f05b944223b48bcf8679.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Extracted
redline
dante
185.161.248.73:4164
-
auth_value
f4066af6b8a6f23125c8ee48288a3f90
Targets
-
-
Target
df3c5dcfcf374a5a410dea7fddfc119489ce1425abb1f05b944223b48bcf8679
-
Size
890KB
-
MD5
992b76f941ba8c766d32a4d3f9cad057
-
SHA1
06eeea44a2b10728c8fe26173438a5dd54c0394f
-
SHA256
df3c5dcfcf374a5a410dea7fddfc119489ce1425abb1f05b944223b48bcf8679
-
SHA512
39d59988e8f01f49aa670204e46fe8d1f3629f1fae5810f646bbb6ed8667f8bd4073502fb7048e53c178cfae0829d899d5f30ce4d5e0a1022537fc4531e59367
-
SSDEEP
24576:typkLYKK2ByJ1N3nrRVAKkjHqy2/CvETqhlB47aYRk:IpabCN3r8iqfB42YR
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-