General
Target: 4f548eda618efe4ba011c51105b29a13.exe
Size: 578KB
Sample: 230610-zdj2bsge6t
MD5: 4f548eda618efe4ba011c51105b29a13
SHA1: d666ae299cc1b5e9348c16c9f1fd67fafcfe1795
SHA256: e127e0e44449a6b22815cb287eb366ecd5dd82faeac5a0297ceefd579107f8d5
SHA512: de9c4d5e26870c4cab5f6657243aa61fae010fb15d60662b81c7ab16720589c7df39c626aecf98dd3d50c1794172026a180bbe86d8f545610ad9e720e1320eae
SSDEEP: 12288:UMrYy90YVN4nDS0k4imT++D6wvd8VwAHJ1emvuNfj7B/:8yZVKm0kakwvd8Vwkem2z
Static task: static1
Behavioral task: behavioral1
Sample: 4f548eda618efe4ba011c51105b29a13.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 4f548eda618efe4ba011c51105b29a13.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted
redline
dast
83.97.73.129:19068
auth_value: 17d71bf1a3f93284f5848e00b0dd8222
Targets
Target: 4f548eda618efe4ba011c51105b29a13.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application