General
-
Target
e083c06f929e43d9cd59a21e5cb751f2c8c951de8b797.exe
-
Size
1.6MB
-
Sample
230716-bexf2scb64
-
MD5
d3860d9c8e4727b97958ea1de21358d2
-
SHA1
da08b390fb391bea010879582494047ee1679d60
-
SHA256
e083c06f929e43d9cd59a21e5cb751f2c8c951de8b797979234acde6424a94df
-
SHA512
b3eae717785607af58460f2b1e4606d522f8324cefb3bcecac74275be48715b28f9aa0ba31e9c63db8f5990921393bbffa0e902f9f8162733c4c340d919fefae
-
SSDEEP
24576:8yV/JsFutjl/t3WXjzYhgMnBLyYyDdNa0DW77fSdWmF5gkg0te03ziK/cd:rNJsFutFt3WXEr0ja0DW77eBXX53v/c
Static task
static1
Behavioral task
behavioral1
Sample
e083c06f929e43d9cd59a21e5cb751f2c8c951de8b797.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
e083c06f929e43d9cd59a21e5cb751f2c8c951de8b797.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
masha
77.91.68.48:19071
-
auth_value
55b9b39a0dae383196a4b8d79e5bb805
Targets
-
-
Target
e083c06f929e43d9cd59a21e5cb751f2c8c951de8b797.exe
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-