General
-
Target
089e75816a6610c20929c8ea4fc3255e.exe
-
Size
855KB
-
Sample
230819-gtq6gahg4x
-
MD5
089e75816a6610c20929c8ea4fc3255e
-
SHA1
dc4dc424828f8f1ba2ecb36946ea6426ddaf5f29
-
SHA256
a444912b4f74002b2baf74df2091e86979ed630a05b3cf03089dae8933eb096a
-
SHA512
1815ec111d60cd01e47727e0d21e3084021ab314d6865cd33e0e0e043f9b94752c519855059bb913e9800db0011336feb162b7fe8cce783143327857b8b6f025
-
SSDEEP
12288:YMrAy90ZAntb3eSo0RnAhjnC1bZTKRu0hM0LRZD3Zj02a3LTViJpkQzt:IyVtzG5hbClZTKRaED3WHVisct
Static task
static1
Behavioral task
behavioral1
Sample
089e75816a6610c20929c8ea4fc3255e.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
089e75816a6610c20929c8ea4fc3255e.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
regta
77.91.124.54:19071
-
auth_value
c6f537c6f0415ea7760a9bc81f48c756
Targets
Target
089e75816a6610c20929c8ea4fc3255e.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-