General
-
Target
f3ac6a89a13c62884f763738f1dcbc080cc89d0ec6f35eb63137f0a8aeb7a815
-
Size
581KB
-
Sample
230605-efrhzaeg42
-
MD5
22ae7a8cc3b17564f6f2d62081788a58
-
SHA1
3802ae29e91dae37deef67c2e7fa6a0fff68d52b
-
SHA256
f3ac6a89a13c62884f763738f1dcbc080cc89d0ec6f35eb63137f0a8aeb7a815
-
SHA512
5a73e1ccd4c4aa84e9eda5d9e204005a77b165c7fffe5018506a13b981eb9b8e8908caeb3c21ef702549779e5840f5dcfd59742e40ff691a25d51eaff18c6171
-
SSDEEP
12288:eMrry90K9wFpYaPEtp3q6pcxDM36Bbc4eFzIPchK6I2:Ny3GCaw3I3BIZDYt2
Malware Config
Extracted
redline
maxi
83.97.73.126:19046
-
auth_value
6a3f22e5f4209b056a3fd330dc71956a
Targets
-
-
Target
f3ac6a89a13c62884f763738f1dcbc080cc89d0ec6f35eb63137f0a8aeb7a815
-
Size
581KB
-
MD5
22ae7a8cc3b17564f6f2d62081788a58
-
SHA1
3802ae29e91dae37deef67c2e7fa6a0fff68d52b
-
SHA256
f3ac6a89a13c62884f763738f1dcbc080cc89d0ec6f35eb63137f0a8aeb7a815
-
SHA512
5a73e1ccd4c4aa84e9eda5d9e204005a77b165c7fffe5018506a13b981eb9b8e8908caeb3c21ef702549779e5840f5dcfd59742e40ff691a25d51eaff18c6171
-
SSDEEP
12288:eMrry90K9wFpYaPEtp3q6pcxDM36Bbc4eFzIPchK6I2:Ny3GCaw3I3BIZDYt2
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-