General
-
Target
3e6778fca9ba57e859e3882f6ecbb52c039905d7ce74ac28ffa7199383e2ff8a
-
Size
635KB
-
Sample
241109-1b8gks1rdy
-
MD5
73dc06ce0dab3226a08cbf9b4266ec4a
-
SHA1
3ecc9dc261be935368b38239ac0fd329859c2572
-
SHA256
3e6778fca9ba57e859e3882f6ecbb52c039905d7ce74ac28ffa7199383e2ff8a
-
SHA512
b68cb11ef5182e0e49a360b0a9df03d32d63ad32370a4db789b37580cdbefb507877c720ac1d700b9500a5e333f7d3218b9b76a771958786c36951253bf16a68
-
SSDEEP
12288:dMrSy90Y6JITKVGgrSg4AG2rB+3y7wJnPzksCnqNYHyHKq7/wq:nyd6HVGu4++3y74eqNZ7B
Static task
static1
Behavioral task
behavioral1
Sample
3e6778fca9ba57e859e3882f6ecbb52c039905d7ce74ac28ffa7199383e2ff8a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
-
-
Target
3e6778fca9ba57e859e3882f6ecbb52c039905d7ce74ac28ffa7199383e2ff8a
-
Size
635KB
-
MD5
73dc06ce0dab3226a08cbf9b4266ec4a
-
SHA1
3ecc9dc261be935368b38239ac0fd329859c2572
-
SHA256
3e6778fca9ba57e859e3882f6ecbb52c039905d7ce74ac28ffa7199383e2ff8a
-
SHA512
b68cb11ef5182e0e49a360b0a9df03d32d63ad32370a4db789b37580cdbefb507877c720ac1d700b9500a5e333f7d3218b9b76a771958786c36951253bf16a68
-
SSDEEP
12288:dMrSy90Y6JITKVGgrSg4AG2rB+3y7wJnPzksCnqNYHyHKq7/wq:nyd6HVGu4++3y74eqNZ7B
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-