General
Target: Build.exe
Size: 141KB
Sample: 240428-vrexbace85
MD5: 4793635d89c00e6f9fc0b6953530a4c0
SHA1: dc168256f1b27093c7b6699fcf8ac9d4393adbe2
SHA256: 9adbdf6077ac14b7dd2a4e37f15881bbf2fa25b56690bc5000fcfb93ed3cfbe2
SHA512: 14aa1035d4343e898b42c70e075df65bdaa3265149806becf3e88b056f64486ac9219d137ed51af74edb0398cdab445741aa9b1a19c3e6db3e4ee260a2b04427
SSDEEP: 3072:BK1JZOpTvVQZ+rcIeRYs6YmszJqoD277BpGGoMTb3R35dINX9r5Pxk:QOpu0rjeRbVJqoDm1pGGoMTb3RDINN
Behavioral task: behavioral1
Sample: Build.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: Build.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: Build.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.