General
-
Target
84657196a74f9b6e038d15289b313490a86e8aeb03fceda0bd2697d7b5db755c
-
Size
592KB
-
Sample
230608-gn3bjsdd4t
-
MD5
3192a3cba687fc7f37b139bf74af28a5
-
SHA1
7eeb74b600d6ca4d30694081b34ab84515300c4d
-
SHA256
84657196a74f9b6e038d15289b313490a86e8aeb03fceda0bd2697d7b5db755c
-
SHA512
ef9d7aa4c12d0b320dbae061cc9ba3014c83ed24b3e6190703f7bccc095fc56724000ca94c3b95a7fc7a44fd4b890258b464a9a4c91ad1055dfdb5fc920469a4
-
SSDEEP
12288:6MrBy90SdgHtWk/hYgC3yotxux2kiFTpCVDTql5QP9S9V:zy1R3Rf7Jpe3qDM9SL
Static task
static1
Behavioral task
behavioral1
Sample
84657196a74f9b6e038d15289b313490a86e8aeb03fceda0bd2697d7b5db755c.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
diza
83.97.73.129:19068
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
Target
84657196a74f9b6e038d15289b313490a86e8aeb03fceda0bd2697d7b5db755c
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-