General
-
Target
0041b2bbc9ab753d10a43515b6ebdbcb0b6d793d6e2eb508815cb1a32019e20b
-
Size
438KB
-
Sample
241109-1cpqvssglp
-
MD5
62c01c8eae45091f82ef676fa30bfe0f
-
SHA1
38894ece32ba65e776632e39f4d9bdcc6d7c43fc
-
SHA256
0041b2bbc9ab753d10a43515b6ebdbcb0b6d793d6e2eb508815cb1a32019e20b
-
SHA512
66a5e97b71b11460c992065e84d10e88875802c0cfd9a7229aeded0a443ff140ae03a6de315bbac073f76baa3c985cb92be25a0edf2406298c880a4987da7223
-
SSDEEP
6144:K8y+bnr+Dp0yN90QE/hreP7EklICpdFnUCdlAM9m2g3OrW0O9:wMrry90tu3IqDnUC78wW0O9
Static task
static1
Behavioral task
behavioral1
Sample
0041b2bbc9ab753d10a43515b6ebdbcb0b6d793d6e2eb508815cb1a32019e20b.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
-
-
Target
0041b2bbc9ab753d10a43515b6ebdbcb0b6d793d6e2eb508815cb1a32019e20b
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-