General
-
Target
6816f39228b4cbfaf3244df96f5869de774c64ca5c0a1debac55e8aaf603cec7
-
Size
206KB
-
Sample
230705-nk91jsbg74
-
MD5
541c8d96f6c4db33d703a5a871c8d2cc
-
SHA1
541b7e8b26fe3ed00c06a9691293bf300cf57047
-
SHA256
6816f39228b4cbfaf3244df96f5869de774c64ca5c0a1debac55e8aaf603cec7
-
SHA512
145e4eb9f5c20f5cfdcf8a87ce2a4d6378b7ed7af8474337880b32730a2f8fee980ee537e4c989e70480633839be072dec835124c0453defbec8b096a9a933a5
-
SSDEEP
3072:KNy+bnr+O1b5GWp1icKAArDZz4N9GhbkrNEk1jKfx/QILgqvLDWnnnlu3DcaoR:KNy+bnr+cp0yN90QEQKssL4nIoN
Static task
static1
Behavioral task
behavioral1
Sample
6816f39228b4cbfaf3244df96f5869de774c64ca5c0a1debac55e8aaf603cec7.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
6816f39228b4cbfaf3244df96f5869de774c64ca5c0a1debac55e8aaf603cec7.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
diza
83.97.73.130:19061
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
Target
6816f39228b4cbfaf3244df96f5869de774c64ca5c0a1debac55e8aaf603cec7
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-