General
-
Target
8b16b143d9395bdf340d47c2ef82ceed19f352c4ae221d354eabb39091e93dd7
-
Size
662KB
-
Sample
230912-lrcmhsea98
-
MD5
a05ef401f802a1ffe8faa4052f97bf00
-
SHA1
00d9779f177d186e93c6e0c62fd5a13338f15389
-
SHA256
8b16b143d9395bdf340d47c2ef82ceed19f352c4ae221d354eabb39091e93dd7
-
SHA512
bdc5e6fde94070a4492a3a9806d853cf1c50da0ee8fbebe72b2d3ef1c43d762d7d2384da7d74cd42aa0e8ca25cf3d0759ced29ada6e05316d94ed4a8acd522f6
-
SSDEEP
12288:MMrAy90kBp/vHadyxXy+xsLXsdoRMDdgmDxH2qNXfxPlSW1q/xYh:0yBiMcdLsmRS6mDxWqTtSW1SxYh
Static task
static1
Behavioral task
behavioral1
Sample
8b16b143d9395bdf340d47c2ef82ceed19f352c4ae221d354eabb39091e93dd7.exe
Resource
win10-20230831-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
-
auth_value
434dd63619ca8bbf10125913fb40ca28
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-