General
-
Target
f82e79d50e16d58655fd1ce0114212e362be13b29f17baf70f8e565e20274987
-
Size
441KB
-
Sample
241109-1ccrassfnf
-
MD5
fdbe2f15b37ea7083d8af28dca420e2f
-
SHA1
bc087529e5ae4c4df8c62acc0732d54d8b5d996e
-
SHA256
f82e79d50e16d58655fd1ce0114212e362be13b29f17baf70f8e565e20274987
-
SHA512
efb5067aa2ac9ab8b28db5d40762998a0321ce85615a61534397eaca5f5dbb1924eb84a88a1de7e9bd1f84c0dcd4d1cac19c47dba506a784d44dcd7364de7ab9
-
SSDEEP
12288:NMrQy90vOuiXeKJA/LokpJ+y39L+U4hCCHV8:By4ONXAZp0yb4B18
Static task
static1
Behavioral task
behavioral1
Sample
f82e79d50e16d58655fd1ce0114212e362be13b29f17baf70f8e565e20274987.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
Target
f82e79d50e16d58655fd1ce0114212e362be13b29f17baf70f8e565e20274987
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application