General
-
Target
ff5d1e04d3ab7b200989a063c75e2461.bin
-
Size
537KB
-
Sample
230606-clme4abf56
-
MD5
e564825538b6d08df771893c43a2a162
-
SHA1
0da69dd77dbb8b304161c5e5b3a26563fc5f68e7
-
SHA256
cc4a967f44d97c285dad9070945a709dc6e8b41a5b400b1c489d923c74611f6b
-
SHA512
a564b692373e0756f3e6a79673e5aec2b28fc0640fddf7c9243a2e3c2abb0cce81f88fb166f27c316e96f64d388880ef3b5d5a1a830b1822d0ad5b5b0a68f868
-
SSDEEP
12288:EQa4DZCncwnycLxMLj27C3eynbuQBgJwg56925Sr6fVghMOGwhlxi7OHTxU:EyZCncLcLxcEC3eynbuQFg5m2WZGwByV
Static task
static1
Behavioral task
behavioral1
Sample
53e8c50e13111ea74fe9a0a315dc9311233c7bdde45702e80c40f168668a538e.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
53e8c50e13111ea74fe9a0a315dc9311233c7bdde45702e80c40f168668a538e.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
maxi
83.97.73.126:19046
-
auth_value
6a3f22e5f4209b056a3fd330dc71956a
Targets
-
Target
53e8c50e13111ea74fe9a0a315dc9311233c7bdde45702e80c40f168668a538e.exe
-
Size
581KB
-
MD5
ff5d1e04d3ab7b200989a063c75e2461
-
SHA1
6088ab645636e8e954cbfead71308a6f56052d97
-
SHA256
53e8c50e13111ea74fe9a0a315dc9311233c7bdde45702e80c40f168668a538e
-
SHA512
bc04cd141c9a9489234aafc4bd35aaa13a6b43679a8d96079a9e56136506bf3f652117b5e544028c53ae61d7af939f989eab7ffa1ed13146044858ecc3df7b71
-
SSDEEP
12288:8Mrky90O9+7mtSIoKH0XxaIVwomNUXpFs+5B4ZvO+uEs0CIPmsP:Qy1k7WEKMyUXpd5B4ZG+uX0COmsP
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-