General
-
Target
9f9ee66f403c70c599702a3fa4503d01a43547edc9f98fbd792451752ade8aeb
-
Size
591KB
-
Sample
230608-gstj7sch29
-
MD5
d2a9653e031a3b80c8dfb16b39a80454
-
SHA1
c32ef34bd1ae9ef3086facd7a384c7c3a977e4cb
-
SHA256
9f9ee66f403c70c599702a3fa4503d01a43547edc9f98fbd792451752ade8aeb
-
SHA512
acaa6751b6ee03c4f954bc88f03c7a2ea75566234725485131681a2b7eb1a080d8f44631df522001931dd71a3ed3a8f3228fe506f77eb14e35e2241ce49e04b1
-
SSDEEP
12288:uMrQy90DkLeFwa5qiiG2amCkRanJeMfEH/gSicECFED95mO:uyaa7Va3kRanJ1fEHvKeO
Static task
static1
Behavioral task
behavioral1
Sample
9f9ee66f403c70c599702a3fa4503d01a43547edc9f98fbd792451752ade8aeb.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.129:19068
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
-
-
Target
9f9ee66f403c70c599702a3fa4503d01a43547edc9f98fbd792451752ade8aeb
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-