General
-
Target
c57da98e17ee17c4d6e35089c899ac5df6a6ecb68be7fa6074d445dc108c0149
-
Size
440KB
-
Sample
241109-1cvbcasfpd
-
MD5
945aa3c8f40687ab3a9dad2d92122f7f
-
SHA1
e6a2012f3324d0aa7a85aa10ecc3ca594a064264
-
SHA256
c57da98e17ee17c4d6e35089c899ac5df6a6ecb68be7fa6074d445dc108c0149
-
SHA512
8264e08aafc2cb135b81f66cc58530d4cc6d8cc0b3f6fd43f923fe4135483cad9461c70004e067c746f66187d6d9ca8e4ab3158c4cf525d075e9fece60c6866b
-
SSDEEP
12288:GMrqy90dc/tcud3QUcmivkHBBKH7O4DL6L9Xr:syqclnivQQy4DeZr
Static task
static1
Behavioral task
behavioral1
Sample
c57da98e17ee17c4d6e35089c899ac5df6a6ecb68be7fa6074d445dc108c0149.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
-
-
Target
c57da98e17ee17c4d6e35089c899ac5df6a6ecb68be7fa6074d445dc108c0149
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-