General
-
Target
05d00a8fe7a135a76e633e780fe166690fbc24c81b7e92147d4720132883bcc0.bin
-
Size
1.5MB
-
Sample
231107-wf7nmacf6s
-
MD5
213724da16f36242e50dafa7d142bba0
-
SHA1
2172e5e403c1fbacb444d555acd2dbdd597e7a4b
-
SHA256
05d00a8fe7a135a76e633e780fe166690fbc24c81b7e92147d4720132883bcc0
-
SHA512
dc47b66d3ed3f1bf322b693396094ae5f2d223fb1c49c947dbe13b618447536da865dcdd1627086936e6918cb10d1f9e8a2cd44a22f3dfc268e8a258cde3a9d4
-
SSDEEP
24576:TyGku0Brki1KmZHmQW6fkS1gXSspfpFYrusyKelLQCnoH4cHvMi1wxZA7BIwnhpU:mNQjQWxOm9pfvnP5QCnq/PhwxZA95n
Static task
static1
Behavioral task
behavioral1
Sample
05d00a8fe7a135a76e633e780fe166690fbc24c81b7e92147d4720132883bcc0.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
05d00a8fe7a135a76e633e780fe166690fbc24c81b7e92147d4720132883bcc0.exe
Resource
win10-20231020-en
Behavioral task
behavioral3
Sample
05d00a8fe7a135a76e633e780fe166690fbc24c81b7e92147d4720132883bcc0.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
most
185.161.248.73:4164
-
auth_value
7da4dfa153f2919e617aa016f7c36008
Targets
-
-
Target
05d00a8fe7a135a76e633e780fe166690fbc24c81b7e92147d4720132883bcc0.bin
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-