General
-
Target
48e8b0f87078121912097ca78e486a124e9c2d26804236f0056976db41117556
-
Size
1.1MB
-
Sample
230514-jlll5add9v
-
MD5
f76d177f5e3bb193bb125847cc01b666
-
SHA1
9b5976c773c732291078b1517875df71350622b7
-
SHA256
48e8b0f87078121912097ca78e486a124e9c2d26804236f0056976db41117556
-
SHA512
353b22432186f1e4bb849167c1745be4383f2588551262387da0b1a4a8c4d7b580bd8d12d2c94ab53861762496b4de67b68caf57b9623b14ef5f8df182f9f648
-
SSDEEP
24576:0yhieNYM9l23siBhN3Yqv5qwHzwLkpqTOmV+MK9YX8fxWuoqUcg1:DhiezO35BzII00zppLmUM6eaxWuGJ
Static task
static1
Behavioral task
behavioral1
Sample
48e8b0f87078121912097ca78e486a124e9c2d26804236f0056976db41117556.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
luka
185.161.248.75:4132
-
auth_value
44560bcd37d6bf076da309730fdb519a
Targets
-
-
Target
48e8b0f87078121912097ca78e486a124e9c2d26804236f0056976db41117556
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-