General
-
Target
aa237d3a712b090bb3eee03ad50c2593b625f9c0b4555f5b12e615d1701e693b
-
Size
1.1MB
-
Sample
230514-zzenqsdf26
-
MD5
b5c9a17743bfc5850eea486c3ab13c0a
-
SHA1
f4dd884767f77d4f3a878279f0f2cef16bce2e1b
-
SHA256
aa237d3a712b090bb3eee03ad50c2593b625f9c0b4555f5b12e615d1701e693b
-
SHA512
0da286863245e79ddfd2ab5dc0462f518b4da09f15e304323625857a31a88435498c168589687ae2c01919db8089035e2ba4e704e5282aef71fa68e26131aa93
-
SSDEEP
24576:6yGdG/d2CUV4pXpFazsQKsV93cev/RMbQrYGW3ysi7Lgc3:B1MCUeXyZ53/RMaA0gc
Static task
static1
Behavioral task
behavioral1
Sample
aa237d3a712b090bb3eee03ad50c2593b625f9c0b4555f5b12e615d1701e693b.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
linda
185.161.248.75:4132
-
auth_value
21cdc21d041667b9c1679f88a1146770
Targets
-
-
Target
aa237d3a712b090bb3eee03ad50c2593b625f9c0b4555f5b12e615d1701e693b
-
Size
1.1MB
-
MD5
b5c9a17743bfc5850eea486c3ab13c0a
-
SHA1
f4dd884767f77d4f3a878279f0f2cef16bce2e1b
-
SHA256
aa237d3a712b090bb3eee03ad50c2593b625f9c0b4555f5b12e615d1701e693b
-
SHA512
0da286863245e79ddfd2ab5dc0462f518b4da09f15e304323625857a31a88435498c168589687ae2c01919db8089035e2ba4e704e5282aef71fa68e26131aa93
-
SSDEEP
24576:6yGdG/d2CUV4pXpFazsQKsV93cev/RMbQrYGW3ysi7Lgc3:B1MCUeXyZ53/RMaA0gc
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-