General
-
Target
c77299729c14ee15394bc4f170f6c8b0_JC.exe
-
Size
271KB
-
Sample
230916-s7p14sed86
-
MD5
c77299729c14ee15394bc4f170f6c8b0
-
SHA1
8e228211b8429e11918b07befa27423bafc41047
-
SHA256
430d638abfaffbb86f0a50fcb4dc0f79bbfbf92f95e0aca2de20de8a43b1ab22
-
SHA512
e8c387316aff8d34df95049bd1b4049e1c26000a2b3e0c41bc26617cd102899e4c9913c4b33cc95ea23c0911f2e25a8e4ff63d8f47531edf4c7f3c293b97233d
-
SSDEEP
6144:Kky+bnr+6p0yN90QEgd3Y9ni/kYVnzZY9aSA3UEg0LvR:0Mryy90+do9niPteA3F7R
Static task
static1
Behavioral task
behavioral1
Sample
c77299729c14ee15394bc4f170f6c8b0_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
c77299729c14ee15394bc4f170f6c8b0_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
-
auth_value
434dd63619ca8bbf10125913fb40ca28
Targets
-
Target
c77299729c14ee15394bc4f170f6c8b0_JC.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-