General
-
Target
dea98214ec29b7cd5cb24e695.exe
-
Size
529KB
-
Sample
230710-xjx42ach75
-
MD5
dea98214ec29b7cd5cb24e6957d3122b
-
SHA1
5e6e7063d689fc58282309aed47a037054a079de
-
SHA256
55b8a711e22c32e0890552fcd9384eb4c830629379064880ff92127969cb449e
-
SHA512
d0575b08b156145a7bcf8f348e569ddbcc7f7da7ce5cddffef5f6cde3c1c2c1cf9a80b4e1d45a401bcbcbeda6c7a3be6dcc3ab3cf47bca77dbe54540853afe13
-
SSDEEP
12288:CbEbfvWaRdnQgaFjvXoIITSjxMd7cfxXgMG7cVC:CbEjvW82giofTCxXl3VC
Static task
static1
Behavioral task
behavioral1
Sample
dea98214ec29b7cd5cb24e695.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
dea98214ec29b7cd5cb24e695.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
furod
77.91.68.70:19073
-
auth_value
d2386245fe11799b28b4521492a5879d
Targets
-
-
Target
dea98214ec29b7cd5cb24e695.exe
-
Size
529KB
-
MD5
dea98214ec29b7cd5cb24e6957d3122b
-
SHA1
5e6e7063d689fc58282309aed47a037054a079de
-
SHA256
55b8a711e22c32e0890552fcd9384eb4c830629379064880ff92127969cb449e
-
SHA512
d0575b08b156145a7bcf8f348e569ddbcc7f7da7ce5cddffef5f6cde3c1c2c1cf9a80b4e1d45a401bcbcbeda6c7a3be6dcc3ab3cf47bca77dbe54540853afe13
-
SSDEEP
12288:CbEbfvWaRdnQgaFjvXoIITSjxMd7cfxXgMG7cVC:CbEjvW82giofTCxXl3VC
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-