General
- Target: fce7ead3250bc1287c04c213d43dcc29.bin
- Size: 987KB
- Sample: 230523-crfvhade27
- MD5: 99c32713d875449f4053791d1ec0a446
- SHA1: b8e44f32f3674448f9fd7000d2036e131453b4db
- SHA256: 159463dee43611455ae7edebf0518f670a39926c405b2c37fadf6dd196a3b1f5
- SHA512: 07394fb826a5da9e6475a56b9cd5aca9595b90722e220e9e12262b418f192f3731cbe0109afe74f3dbe898aca54dbe025c019724e457358256856d929cf60d93
- SSDEEP: 24576:2DnRNwlPSkTKeKxsUk1r77eNoojmuF4VWey6:2DnoPDesRo9jmQzey6
Static task: static1

Behavioral task: behavioral1
- Sample: d6e45d6b938e6eff9382d0b1c5ac247b1064a39eb79aa830e3b61470157b333c.exe
- Resource: win7-20230220-en

Behavioral task: behavioral2
- Sample: d6e45d6b938e6eff9382d0b1c5ac247b1064a39eb79aa830e3b61470157b333c.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
- diza
- 185.161.248.37:4138
- auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
- Target: d6e45d6b938e6eff9382d0b1c5ac247b1064a39eb79aa830e3b61470157b333c.exe
- Size: 1.0MB
- MD5: fce7ead3250bc1287c04c213d43dcc29
- SHA1: 22ef077ef6dff28dc5b6cd35f162b892e4186a10
- SHA256: d6e45d6b938e6eff9382d0b1c5ac247b1064a39eb79aa830e3b61470157b333c
- SHA512: b8056f891f91e1c949a620351028999e8422c1315d19ccc2c9085f58470d6ee36e9e5ea93b50920c4419f51206ab8a062cc760bf4f42dff80051e2bd6e8e1634
- SSDEEP: 24576:ly0swK5sbyRwk70RsYl4CNKBufT30Tuk7/b:AiK5sbywl4C7fT30TT/
- Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application