General
-
Target
f125d452d4cfd90efa6ff0b4bc4e12c2.exe
-
Size
781KB
-
Sample
230612-stl3asdc8y
-
MD5
f125d452d4cfd90efa6ff0b4bc4e12c2
-
SHA1
1be18b41815ebdf4049bb53d290dce80df79e55a
-
SHA256
a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0
-
SHA512
a3832fd71e030eea72e6313a0e22108a1447d1e7b7065378de326ea25a26b53f1c6dd9655a9f0d3cbdb0c3b7482006631ca0c55749ac2f1a0d48d576b6de792e
-
SSDEEP
12288:7Mr1y90ba0iaHKGZ+lZ5gKHQHVDbtewrDNB3YzgjMNi0CS4TohKR9yaqnPFxmMxs:6yb0vH5ZE8Kutec8gz0hQJR8j8MG
Static task
static1
Behavioral task
behavioral1
Sample
f125d452d4cfd90efa6ff0b4bc4e12c2.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
f125d452d4cfd90efa6ff0b4bc4e12c2.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
boris
83.97.73.129:19068
-
auth_value
205e4fccc0f8c7da1d56fb1da4ac5e6a
Targets
-
-
Target
f125d452d4cfd90efa6ff0b4bc4e12c2.exe
-
Size
781KB
-
MD5
f125d452d4cfd90efa6ff0b4bc4e12c2
-
SHA1
1be18b41815ebdf4049bb53d290dce80df79e55a
-
SHA256
a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0
-
SHA512
a3832fd71e030eea72e6313a0e22108a1447d1e7b7065378de326ea25a26b53f1c6dd9655a9f0d3cbdb0c3b7482006631ca0c55749ac2f1a0d48d576b6de792e
-
SSDEEP
12288:7Mr1y90ba0iaHKGZ+lZ5gKHQHVDbtewrDNB3YzgjMNi0CS4TohKR9yaqnPFxmMxs:6yb0vH5ZE8Kutec8gz0hQJR8j8MG
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-