General
Target: 2d8e62d81d0b497714a61e9fba8a297e969e9bb9cc29f95e20d9c7f2f64e472a
Size: 729KB
Sample: 240525-ystnmsha26
MD5: 2cf2cb1c22aede8fd8a995f4f073ec71
SHA1: ce921866530f90bd63359b379292233cf202d733
SHA256: 2d8e62d81d0b497714a61e9fba8a297e969e9bb9cc29f95e20d9c7f2f64e472a
SHA512: d996fcab5b013c5cb9ffaba403d56c81bb2fdc57ae9ed43ccc2a7c95770b3eb173b014a8a693aa45e4e45c46e94c62b72c00b88f461a3e8a30422a1fc5ab8749
SSDEEP: 12288:EzKy90JE0kP5xBRWOp4ATeD1uNaDMFrOszYl9tFbrYdCYBXA5XmvNt:FyG4mq6sFShrbr4bXGXe

Static task: static1
Behavioral task: behavioral1
Sample: 2d8e62d81d0b497714a61e9fba8a297e969e9bb9cc29f95e20d9c7f2f64e472a.exe
Resource: win10v2004-20240426-en

Malware Config
Extracted
- redline
- furga
- 83.97.73.128:19071
- auth_value: 1b7af6db7a79a3475798fcf494818be7
Targets
Target: 2d8e62d81d0b497714a61e9fba8a297e969e9bb9cc29f95e20d9c7f2f64e472a
Size: 729KB
MD5: 2cf2cb1c22aede8fd8a995f4f073ec71
SHA1: ce921866530f90bd63359b379292233cf202d733
SHA256: 2d8e62d81d0b497714a61e9fba8a297e969e9bb9cc29f95e20d9c7f2f64e472a
SHA512: d996fcab5b013c5cb9ffaba403d56c81bb2fdc57ae9ed43ccc2a7c95770b3eb173b014a8a693aa45e4e45c46e94c62b72c00b88f461a3e8a30422a1fc5ab8749
SSDEEP: 12288:EzKy90JE0kP5xBRWOp4ATeD1uNaDMFrOszYl9tFbrYdCYBXA5XmvNt:FyG4mq6sFShrbr4bXGXe
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Detects executables packed with ConfuserEx Mod
- Executes dropped EXE
- Adds Run key to start application