General

Target: f125d452d4cfd90efa6ff0b4bc4e12c2.bin
Size: 737KB
Sample: 230614-dllz1acg62
MD5: 42f5648b07b4a55ad9b0d733de7cc145
SHA1: 7a256e4bd3d8e3083b5e18d2a21fd52076a20e30
SHA256: bb5446833553eb948d9cdf4b2751bfa08f681b326754256f8b2af862d4f66473
SHA512: f13e7a963951adcaad587303311adde8dfe8e4124a0a3d715c08269b39218efb33ebd0d82225990d316f2399d367cc61a7a563c0e4abf2f0ac056b8eced57d27
SSDEEP: 12288:mSu+ovCCRDJZ1LQf/bYPJkeDImoqcDtrY8DONREkfaIOM5fG:mSd5CRpLQXbYhbDERYR5OM5fG

Note: the submitted .bin is the container; its file name is the MD5 of the executable extracted from it (f125d452d4cfd90efa6ff0b4bc4e12c2, listed under Targets). The container's own MD5/SHA1/SHA256 differ from the executable's, so hunt for the payload on the Targets hashes, not on the hashes above.
Static task: static1

Behavioral task: behavioral1
  Sample: a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0.exe
  Resource: win7-20230220-en

Behavioral task: behavioral2
  Sample: a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0.exe
  Resource: win10v2004-20230220-en
Malware Config

Extracted
Family: redline
Botnet: boris
C2: 83.97.73.129:19068
auth_value: 205e4fccc0f8c7da1d56fb1da4ac5e6a

The C2 endpoint (IP and port) is the actionable network indicator from this configuration; "boris" is the botnet/campaign identifier embedded in the build and auth_value is the static token that build carries for its panel.
Targets

Target: a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0.exe
Size: 781KB
MD5: f125d452d4cfd90efa6ff0b4bc4e12c2
SHA1: 1be18b41815ebdf4049bb53d290dce80df79e55a
SHA256: a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0
SHA512: a3832fd71e030eea72e6313a0e22108a1447d1e7b7065378de326ea25a26b53f1c6dd9655a9f0d3cbdb0c3b7482006631ca0c55749ac2f1a0d48d576b6de792e
SSDEEP: 12288:7Mr1y90ba0iaHKGZ+lZ5gKHQHVDbtewrDNB3YzgjMNi0CS4TohKR9yaqnPFxmMxs:6yb0vH5ZE8Kutec8gz0hQJR8j8MG
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application (persistence through a CurrentVersion\Run registry value; the report does not list the key path or value name)
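The indicators in this report (the two SHA256 values and the extracted C2 endpoint) turned into a small matcher, as an added example that is not part of the sandbox report. The file hashes and the C2 IP:port are copied from the report; the connection-log lines, the log line format and the Suricata sid are constructed for the demonstration and are not captured traffic.

```python
"""IoC matcher for the RedLine sample in this report (added example)."""
from __future__ import annotations

import hashlib
import re

# Indicators copied from the report above.
REDLINE_C2_IP = "83.97.73.129"
REDLINE_C2_PORT = 19068
REDLINE_BOTNET = "boris"
KNOWN_SHA256 = {
    "bb5446833553eb948d9cdf4b2751bfa08f681b326754256f8b2af862d4f66473":
        "f125d452d4cfd90efa6ff0b4bc4e12c2.bin (submitted container)",
    "a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0":
        "a8d25eebb258abb8283ec3124a7a95fc1c684665ce8869932591d4abfcf0a5a0.exe (RedLine payload)",
}

DIGEST_NAMES = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes) -> dict[str, str]:
    """Return the four digests the report lists for an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in DIGEST_NAMES}


def digests_of_file(path: str, chunk: int = 1 << 20) -> dict[str, str]:
    """Same as digests() but streams the file, so a large sample is hashed in one pass."""
    hashers = {name: hashlib.new(name) for name in DIGEST_NAMES}
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_sample(data: bytes) -> str | None:
    """Report label if the blob is the container or the payload, else None."""
    return KNOWN_SHA256.get(digests(data)["sha256"])


# Constructed connection-log lines for the demo (hypothetical format, not real traffic).
SAMPLE_LOG = """\
2023-06-14T10:02:11Z src=10.0.0.5:51234 dst=142.250.74.46:443 proto=tcp
2023-06-14T10:02:15Z src=10.0.0.5:51240 dst=83.97.73.129:19068 proto=tcp
2023-06-14T10:03:01Z src=10.0.0.7:49152 dst=83.97.73.129:80 proto=tcp
2023-06-14T10:03:40Z src=10.0.0.5:51250 dst=10.0.0.1:53 proto=udp
"""

_DST_RE = re.compile(r"\bdst=(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def classify(line: str) -> tuple[str, str] | None:
    """('c2', dst) for the exact extracted endpoint, ('c2-ip', dst) for any other
    port on the C2 host (operators move ports; the host is still worth a look),
    None for everything else."""
    m = _DST_RE.search(line)
    if not m:
        return None
    ip, port = m.group(1), int(m.group(2))
    if ip != REDLINE_C2_IP:
        return None
    verdict = "c2" if port == REDLINE_C2_PORT else "c2-ip"
    return verdict, f"{ip}:{port}"


def scan_log(text: str) -> list[tuple[int, str, str]]:
    """(line number, verdict, dst) for every line that touches the C2 host."""
    hits = []
    for n, line in enumerate(text.splitlines(), start=1):
        result = classify(line)
        if result:
            hits.append((n, result[0], result[1]))
    return hits


def suricata_rule(sid: int) -> str:
    """Suricata signature for the extracted endpoint; sid is chosen by the deployer."""
    return (f"alert tcp $HOME_NET any -> {REDLINE_C2_IP} {REDLINE_C2_PORT} "
            f'(msg:"RedLine C2 botnet {REDLINE_BOTNET}"; flow:to_server; '
            f"classtype:trojan-activity; sid:{sid}; rev:1;)")


if __name__ == "__main__":
    for n, verdict, dst in scan_log(SAMPLE_LOG):
        print(f"line {n}: {verdict} -> {dst}")
    print(suricata_rule(1000001))
```

Hash the file you actually hold with digests_of_file() before spending analysis time on it: a container named after the payload's MD5 will not match the payload's SHA256, which is exactly the confusion the two hash tables above invite. The "c2-ip" verdict is deliberately separate from "c2" so a port change by the operator degrades to a lower-confidence hit instead of a miss.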