General
-
Target
cae22920e1a922ca7820074785c5da58b081243779f2dcbba7def7850a87f376
-
Size
580KB
-
Sample
230605-kfe3tsga6t
-
MD5
63aa5505e68b0f1bce5d3f13df4eada5
-
SHA1
28c4a169f021fc7947e84c5527b2ca8d9bd2735f
-
SHA256
cae22920e1a922ca7820074785c5da58b081243779f2dcbba7def7850a87f376
-
SHA512
5e03bb79c9b268a25406ca6291822ffae77917ac1635a6fdbf2d88b312b07cfa6c293f44d9c900b07b1f5802c7642e96bbaf275d2a4f1751a06ea23b7e806a93
-
SSDEEP
12288:XMrvy90+tIL5OYNRmylbRk4pwKLwr8oLgeS65Rq53GCBkVW:YyZt7Y+yLpnLS8oc2Or
Malware Config
Extracted
redline
maxi
83.97.73.126:19046
-
auth_value
6a3f22e5f4209b056a3fd330dc71956a
Targets
-
-
Target
cae22920e1a922ca7820074785c5da58b081243779f2dcbba7def7850a87f376
-
Size
580KB
-
MD5
63aa5505e68b0f1bce5d3f13df4eada5
-
SHA1
28c4a169f021fc7947e84c5527b2ca8d9bd2735f
-
SHA256
cae22920e1a922ca7820074785c5da58b081243779f2dcbba7def7850a87f376
-
SHA512
5e03bb79c9b268a25406ca6291822ffae77917ac1635a6fdbf2d88b312b07cfa6c293f44d9c900b07b1f5802c7642e96bbaf275d2a4f1751a06ea23b7e806a93
-
SSDEEP
12288:XMrvy90+tIL5OYNRmylbRk4pwKLwr8oLgeS65Rq53GCBkVW:YyZt7Y+yLpnLS8oc2Or
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-