General
-
Target
b8c98f298402345de6ea70fa12269eb67babe6dea25440a084b3b3d7c67afc36
-
Size
865KB
-
Sample
230608-gsar4ach23
-
MD5
76980f5b517f1090ce297664ea0d7465
-
SHA1
65a843106e4365b1321181258c5d4f7d34fef4dc
-
SHA256
b8c98f298402345de6ea70fa12269eb67babe6dea25440a084b3b3d7c67afc36
-
SHA512
413356310b088ab29f362887885f735b16cc7e405a8aa0d3d853f2d6e51c357fa68d91ff2da47bc9ed698bc105046631e7deabbb7b4353095ac173d9ff3038b5
-
SSDEEP
12288:eMray90Yytl+T4gA7U/XtGLnyx4EQe3bcy74hpF57wg/my1hu8LiHrt:YyGl6A7U/Xq5EX3bHMfRwgO6/iLt
Static task
static1
Behavioral task
behavioral1
Sample
b8c98f298402345de6ea70fa12269eb67babe6dea25440a084b3b3d7c67afc36.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
lupa
83.97.73.129:19068
-
auth_value
6a764aa41830c77712442516d143bc9c
Targets
-
Target
b8c98f298402345de6ea70fa12269eb67babe6dea25440a084b3b3d7c67afc36
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-