General
Target: 730106e083e822cd18c1a4c6ea80e8c2a2ee6a3a72bd6179e19e09500bda5b01
Size: 662KB
Sample: 230912-m1gs9sed77
MD5: 1ed3b89ce055490ab9d70ca02d71ebb0
SHA1: 427137db27b5febe5e08c1e9325d6f73c79e68da
SHA256: 730106e083e822cd18c1a4c6ea80e8c2a2ee6a3a72bd6179e19e09500bda5b01
SHA512: 666b6b9a85ed230ea4a5a6e08f2b19daebcb68d3f600cf60b3f3c453887828fd9e4d20667ecc572b144e9c4c1947f4e7bbf6c40a7efc1c79c7a9fa70e7f3170e
SSDEEP: 12288:YMrPy90dJ0rhb8I/c9hg29FURqzlEf7b7df3oYgpriGq/2Q:XyuJ0rhwI/Ma29nzlkb7dfopp6OQ
Static task: static1
Behavioral task: behavioral1
Sample: 730106e083e822cd18c1a4c6ea80e8c2a2ee6a3a72bd6179e19e09500bda5b01.exe
Resource: win10-20230831-en
Malware Config
Extracted
redline
lada
77.91.124.82:19071
auth_value: 252f78fed0684205b098417688fa33e2
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application