General
Target: 5bb60b23436c08afdd8a63e1d850cb1088a324801cb5c9df376ec77d94e7fabe
Size: 1.5MB
Sample: 240501-12ft9ahb7x
MD5: 859dcc7c4c34d07895e38361d95dd45d
SHA1: e8f9b0822191ead93728a95bac56e05233b5a033
SHA256: 5bb60b23436c08afdd8a63e1d850cb1088a324801cb5c9df376ec77d94e7fabe
SHA512: a7565da97fc7a868ec4f6dd07bea6961f366a15de0cd2619d80e2ff0c1b9c334076f1fc4e7317212e98344fca001ade21cd9889c5208bc6a28179da9ff25f1e3
SSDEEP: 24576:oyWSwJ/NDfYh4mi85jlskYiMUF2tLJIE2ol1WbTqn6lgqFu7q:vWSiNDfY2mi8NarOF6qhGZ6uIu7
Static task: static1
Behavioral task: behavioral1
Sample: 5bb60b23436c08afdd8a63e1d850cb1088a324801cb5c9df376ec77d94e7fabe.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
Family: redline
Botnet: most
C2: 185.161.248.73:4164
Attributes
auth_value: 7da4dfa153f2919e617aa016f7c36008
Targets
Target: 5bb60b23436c08afdd8a63e1d850cb1088a324801cb5c9df376ec77d94e7fabe
Size: 1.5MB
MD5, SHA1, SHA256, SHA512, SSDEEP: identical to the values listed under General above
Score: 10/10
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Detects executables packed with ConfuserEx Mod
- Executes dropped EXE
- Adds Run key to start application
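The extracted config (C2 185.161.248.73:4164 and the auth_value) together with the "Adds Run key to start application" signature give a defender everything needed to hunt for this sample. The script below is an added example, not part of the Triage report and not RedLine's own code: it compares a file's digests against the report's hash values and scans key=value log lines for connections to the C2 endpoint and for values written under a Run/RunOnce key. The log lines are constructed Sysmon-style records, not output from the sandbox run, and the field names (host, event, dst, dport, target) are an assumed schema.

```python
"""Hunting helpers built from the indicators in the Triage report above.
Added example; the log format and field names are assumptions."""
import hashlib
import re

# Hash values copied from the report's General section.
REPORT_HASHES = {
    "md5": "859dcc7c4c34d07895e38361d95dd45d",
    "sha1": "e8f9b0822191ead93728a95bac56e05233b5a033",
    "sha256": "5bb60b23436c08afdd8a63e1d850cb1088a324801cb5c9df376ec77d94e7fabe",
}
# C2 endpoint from the extracted RedLine config.
C2_HOST = "185.161.248.73"
C2_PORT = "4164"
# auth_value is the token inside the extracted config; it is useful for
# clustering samples but is not visible in network or host logs, so it is
# recorded here and not used by the log scanner.
AUTH_VALUE = "7da4dfa153f2919e617aa016f7c36008"

# Any value set under ...\CurrentVersion\Run\ or ...\CurrentVersion\RunOnce\.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# Assumed log layout: whitespace-separated key=value pairs, values without spaces.
KV_RE = re.compile(r"(\w+)=(\S+)")

# Constructed Sysmon-like records (not from the sandbox run).
SAMPLE_LOGS = [
    "2024-05-01T12:03:10Z host=WS01 event=ProcessCreate image=C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe ppid=4412",
    "2024-05-01T12:03:11Z host=WS01 event=NetworkConnect image=C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe dst=185.161.248.73 dport=4164 proto=tcp",
    "2024-05-01T12:03:12Z host=WS01 event=RegistryValueSet image=C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe target=HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater details=C:\\Users\\u\\AppData\\Roaming\\svc.exe",
    "2024-05-01T12:04:00Z host=WS02 event=NetworkConnect image=C:\\Windows\\System32\\svchost.exe dst=93.184.216.34 dport=443 proto=tcp",
    "2024-05-01T12:04:05Z host=WS02 event=RegistryValueSet image=C:\\Windows\\explorer.exe target=HKU\\S-1-5-21-2\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden details=1",
]


def compute_hashes(data: bytes) -> dict:
    """Digest a file's bytes with the three algorithms the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def hash_hits(hashes: dict) -> set:
    """Return the algorithm names whose digest equals the report's value."""
    return {algo for algo, digest in hashes.items()
            if REPORT_HASHES.get(algo) == digest.lower()}


def parse_line(line: str) -> dict:
    """Turn one key=value log line into a dict (timestamp has no '=' and is skipped)."""
    return dict(KV_RE.findall(line))


def scan_logs(lines) -> list:
    """Return (alert, host, line) for records matching the report's behaviour."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        # Outbound connection to the C2 host and port from the extracted config.
        if rec.get("dst") == C2_HOST and rec.get("dport") == C2_PORT:
            alerts.append(("redline_c2_connect", rec.get("host"), line))
        # Persistence via a Run/RunOnce value, matching the report's signature.
        if rec.get("event") == "RegistryValueSet" and RUN_KEY_RE.search(rec.get("target", "")):
            alerts.append(("run_key_persistence", rec.get("host"), line))
    return alerts


if __name__ == "__main__":
    for alert, host, line in scan_logs(SAMPLE_LOGS):
        print(f"[{alert}] {host}: {line}")
```

The C2 address and port are point-in-time indicators from this one run and should be expected to rotate; the hash match is exact and will not catch a repacked build, which is why the Run-key rule matches any writer to Run/RunOnce rather than this sample's path and will need tuning against legitimate installers in a real environment.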