General
Target: ff641195ccddddfea2dd81964df3da475939123ae9c4717fabdc768e641de096
Size: 658KB
Sample: 230912-l7dvhseb98
MD5: 2054391dff429e9fc3972b14e99b4d73
SHA1: cd4e8c2d0573985fc4e0e33a5ecce53732473944
SHA256: ff641195ccddddfea2dd81964df3da475939123ae9c4717fabdc768e641de096
SHA512: c646a86c2cbdb84ead0e7cb7c69d11825381685239bd67bd2bb526813a5607d04135f7c1ee8f4b32e85096f85d0d2de6953fa1cb0b0b272c5abb742b0c1180e6
SSDEEP: 12288:iMr6y90ZmNaRNBpnrpKi8zB04zZP4ylH/bLrOC5ZwA+UaDCLIoza:8yimevnr+ze+5lH/DOC52VjDCLRa
Static task: static1
Behavioral task: behavioral1
Sample: ff641195ccddddfea2dd81964df3da475939123ae9c4717fabdc768e641de096.exe
Resource: win10v2004-20230831-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
auth_value: 434dd63619ca8bbf10125913fb40ca28
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application