General
Target: 8b9697b1e80c580180870b674c6f2683a0104193f4a6fad9634a3a72a151e6f3
Size: 770KB
Sample: 241104-rm83tazqax
MD5: 9a09344d6fc2bbf57f68463c73c7fc9e
SHA1: 8e0903162221e8379beb629bde7801b50d007205
SHA256: 8b9697b1e80c580180870b674c6f2683a0104193f4a6fad9634a3a72a151e6f3
SHA512: ffa09a131cde36d1cdafe19c05b535298d357e28c8d0012055495fafa151dc74910e9de8b2d80d355ad1772bb2769452721ba58e923c9a933cec2b6b1a0a049c
SSDEEP: 12288:mMrmy90LagPJJllsTGdJ4l0TrIonGfw2UMSWspCxOr4D9QCL1PQK3BtbsG:syfgPPllIGdyKIsqXS9O8T63B2G
Static task: static1
Behavioral task: behavioral1
Sample: 8b9697b1e80c580180870b674c6f2683a0104193f4a6fad9634a3a72a151e6f3.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
mixa
185.161.248.75:4132
auth_value: 9d14534b25ac495ab25b59800acf3bb2
Targets
Target: 8b9697b1e80c580180870b674c6f2683a0104193f4a6fad9634a3a72a151e6f3
Size: 770KB
MD5: 9a09344d6fc2bbf57f68463c73c7fc9e
SHA1: 8e0903162221e8379beb629bde7801b50d007205
SHA256: 8b9697b1e80c580180870b674c6f2683a0104193f4a6fad9634a3a72a151e6f3
SHA512: ffa09a131cde36d1cdafe19c05b535298d357e28c8d0012055495fafa151dc74910e9de8b2d80d355ad1772bb2769452721ba58e923c9a933cec2b6b1a0a049c
SSDEEP: 12288:mMrmy90LagPJJllsTGdJ4l0TrIonGfw2UMSWspCxOr4D9QCL1PQK3BtbsG:syfgPPllIGdyKIsqXS9O8T63B2G
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)