General
-
Target
5f6d8a9e9202acda79215f0f2e8c48cfeec1c5aa307fd236043a927aa8a67a3c
-
Size
661KB
-
Sample
230912-maqngsbf5z
-
MD5
2acefe5d04b2b3c3d579c22032451187
-
SHA1
19a2f46980616ccbddac939c190ccfe5fc945d08
-
SHA256
5f6d8a9e9202acda79215f0f2e8c48cfeec1c5aa307fd236043a927aa8a67a3c
-
SHA512
d00d50ee37a8f81823f4b57e5b5da5657ab1d97dcd32f67b964bc3bc4862890802b31de3859d308d4e816f5ebbbef13af76ecfad0edc0455b4bd024fad1269d0
-
SSDEEP
12288:HMroy90o6XSsWlyRHNqOTwGLhGA2N95BlGk2v+4zaoDeAAw:rycrWlyZsGLhw9JGki5aoDeAD
Static task
static1
Behavioral task
behavioral1
Sample
5f6d8a9e9202acda79215f0f2e8c48cfeec1c5aa307fd236043a927aa8a67a3c.exe
Resource
win10v2004-20230831-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
-
auth_value
434dd63619ca8bbf10125913fb40ca28
Targets
-
-
Target
5f6d8a9e9202acda79215f0f2e8c48cfeec1c5aa307fd236043a927aa8a67a3c
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-