General
Target: 2e94d0b395704cefb85d7c6b5917a2f531ab9846403df3172eefdba765eec000
Size: 662KB
Sample: 230912-mxgzvsed55
MD5: e311e4eb1379acdad5a2e9529fb160be
SHA1: 04413b52f81b89a2d9bed89f2464387c75484e5c
SHA256: 2e94d0b395704cefb85d7c6b5917a2f531ab9846403df3172eefdba765eec000
SHA512: 7d0dcc5513804a6db68feb228786ee6a22583faf48343ff344eebd749cb6b2408066bd261ef54560fde5c1d447a1096e7514e57dd482bb23cfdaec0ea8c41148
SSDEEP: 12288:uMrgy90ExsUAWwVsXvyw7yl9bUHpC0lSU9cEXfo61KQlqdYz/Yy:6yxCUAWwuX5WlHoSU9DXf9bYmTYy
Static task: static1
Behavioral task: behavioral1
Sample: 2e94d0b395704cefb85d7c6b5917a2f531ab9846403df3172eefdba765eec000.exe
Resource: win10-20230831-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
auth_value: 434dd63619ca8bbf10125913fb40ca28
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application