General
-
Target
09b8353ba30da7abd836ea8b2bce535e.bin
-
Size
531KB
-
Sample
230614-bdlm6acf6s
-
MD5
575e4324b5e346a56ac597c675a05077
-
SHA1
54b1538f9ea1762ccf058875961246236db19693
-
SHA256
3de6feab0f88fea9cf115ca6d02d0a0194f7f5bd744ddb7645f0510404d86306
-
SHA512
ed63fe63a5ed911e6f277ae2e059ba6b6edb0eecb069e1db8a5b29a610f277048882c5d741c59688618b1bc104314d81615fca7d2812c6303e98bde8ecb739f5
-
SSDEEP
12288:8AVrciClXp5KWCUCtP3B7Oy9DEWrEU0wK216IobvXIHvNR:tVAisTfW3ByyhrEU0wHHQf0NR
Static task
static1
Behavioral task
behavioral1
Sample
4fe304e1ceef6b6a6cd174669f74707f5d832911fc7cbc6a07e50c84d1703c4f.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
4fe304e1ceef6b6a6cd174669f74707f5d832911fc7cbc6a07e50c84d1703c4f.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
doro
83.97.73.129:19068
-
auth_value
03f411441fb3fa233179c2cc8ffbce27
Targets
-
-
Target
4fe304e1ceef6b6a6cd174669f74707f5d832911fc7cbc6a07e50c84d1703c4f.exe
-
Size
575KB
-
MD5
09b8353ba30da7abd836ea8b2bce535e
-
SHA1
ee3a106546f8e19477b91463685b75a4c161de56
-
SHA256
4fe304e1ceef6b6a6cd174669f74707f5d832911fc7cbc6a07e50c84d1703c4f
-
SHA512
82fbe09471c47202062ecc3c1a746612fbea5b6f6ab9a07273812bfff5839fb1d008f2f08d42731710f6045981834e5297099804df684c24cce99a294fe3bc58
-
SSDEEP
12288:SMrUy905YmSPZYR0J0UkAswi8fOm1UrEBIITGxwbT5tC5QG4W:Syj7xgI0U5hWu2E/TGk3ha
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-