General
Target
228c570f866ee9b1064b0b1fdc1ca7edea4adba7ff6c112aedb7181ed9d9c788
Size
756KB
Sample
230820-ej4mpseh2x
MD5
fd6bbd9789a3c382e1985a23dcbc39ce
SHA1
0f01f503297e191c7f71bf03d925758567cda25b
SHA256
228c570f866ee9b1064b0b1fdc1ca7edea4adba7ff6c112aedb7181ed9d9c788
SHA512
fe5a7c3db73f06faa418f02ebe8af12c2666abd59ff6ccdca07198848507fcca08aa619cc8f4db8ccfa4aa81eb5c2cb0135c52eb68e369c4270d444ced23b3bc
SSDEEP
12288:oMrIy90+byvx0JuQhPhWL6xud6IfmpMV/CWOZMFlOO70jzU7ZMuyO:gyxWqhWL6wd6ym6lCWFFl97azUb
Static task
static1
Behavioral task
behavioral1
Sample
228c570f866ee9b1064b0b1fdc1ca7edea4adba7ff6c112aedb7181ed9d9c788.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
amadey
S-%lu-
77.91.68.18/nice/index.php
3.87/nice/index.php
Extracted
redline
jonka
77.91.124.73:19071
auth_value
c95bc30cd252fa6dff2a19fd78bfab4e
Targets
Target
228c570f866ee9b1064b0b1fdc1ca7edea4adba7ff6c112aedb7181ed9d9c788
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application