General
Target: 8109a54ee162f6c927c0e161cefd132b464a5679e7c4f4201a4a8923b2fcae48
Size: 662KB
Sample: 230912-lgezwsbd31
MD5: a2d6dfaa1c49cd764e7fa80322dde403
SHA1: ff4e8cf86fa2d174c5e4b7b70f8f1d93728b0bec
SHA256: 8109a54ee162f6c927c0e161cefd132b464a5679e7c4f4201a4a8923b2fcae48
SHA512: 12d807ec31827fb3099a59ba2e3b6b6da230e312830b8b306d514703900f627b88bfeae64682901a026a44bb0a41ed5ceef2ad5bb6a8c785afe69a80617842c8
SSDEEP: 12288:HMrCy90KC49Mg2uNAVqb09EmgBVDBZNKM0rp/Z2Cq5g4TeDal/3i/Rz:dyBZ9N2u6IbdFBZEM0r1Rq5g4Pm
Static task: static1
Behavioral task: behavioral1
Sample: 8109a54ee162f6c927c0e161cefd132b464a5679e7c4f4201a4a8923b2fcae48.exe
Resource: win10-20230831-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
auth_value: 434dd63619ca8bbf10125913fb40ca28
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application