General
Target: e99c9c9d19c2c23059f2ad8364d57324f58088017d4b2edf440760b4b2613f9a
Size: 1.1MB
Sample: 230514-1h1ejsfh8s
MD5: 8e0ce3a73c56a5f119554a66bfc779cf
SHA1: a386c778371a2c8ce9af5d0d82d1134a9b04006c
SHA256: e99c9c9d19c2c23059f2ad8364d57324f58088017d4b2edf440760b4b2613f9a
SHA512: a85eef9bfdbbd9cb6e613381b4dbdd0fa3a3bf21ffbba6ca341b051e67ee1c36b0aa273754c08ea1d1a012580d7864a88c672e4f166bd96c9e65dd8f4b0eac11
SSDEEP: 24576:MyvgC6cCVwVeZ3oiEI3HxvCbF0uDfrrXtF+snVm5c62:7qcCVwV23jh3QJ0uvLGsgb
Static task: static1
Behavioral task: behavioral1
Sample: e99c9c9d19c2c23059f2ad8364d57324f58088017d4b2edf440760b4b2613f9a.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
linda
185.161.248.75:4132
auth_value: 21cdc21d041667b9c1679f88a1146770
Targets
Target: e99c9c9d19c2c23059f2ad8364d57324f58088017d4b2edf440760b4b2613f9a
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application