General
-
Target
273db29bd8f6b3d55e647ea0a5a0beb71fc0461a635713ad9e94e9fd3e360cdd
-
Size
662KB
-
Sample
230912-m31zxsbg7w
-
MD5
31658a3c13d7695eabece91f964a4826
-
SHA1
25148111c8293d69171cb3854483aa2d6652dd74
-
SHA256
273db29bd8f6b3d55e647ea0a5a0beb71fc0461a635713ad9e94e9fd3e360cdd
-
SHA512
24308e1a2e4d6a1c34ef754631a4ac3b543a6e39d2b1b42b367a4130cdf62372379eaf730fd727c3693c94982c74ba00d1dc0b0d8489aa0442c3fcf2f2982f2f
-
SSDEEP
12288:nMrUy904NJYJiWPef6O1WGM19ND4/dAvFkNut3p4USIqYkVZP7wzPu:nyfNRWi6Xr58AdHt55SkOPEzPu
Static task
static1
Behavioral task
behavioral1
Sample
273db29bd8f6b3d55e647ea0a5a0beb71fc0461a635713ad9e94e9fd3e360cdd.exe
Resource
win10v2004-20230831-en
Malware Config
Extracted
redline
lada
77.91.124.82:19071
-
auth_value
252f78fed0684205b098417688fa33e2
Targets
-
Target
273db29bd8f6b3d55e647ea0a5a0beb71fc0461a635713ad9e94e9fd3e360cdd
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-