General
-
Target
f1ff3998c5da53813116a63cd9714777a29303f9a8b624311c6a3427568c1fc5
-
Size
390KB
-
Sample
241109-1rffqsslaw
-
MD5
468704ecd1bfbc69460ce651eec8f533
-
SHA1
ba7d25cb1bf8127ff44208426c6896221afe0d9b
-
SHA256
f1ff3998c5da53813116a63cd9714777a29303f9a8b624311c6a3427568c1fc5
-
SHA512
6cb340b3daaaf92ba626b58ed48402e699109b761b0fa1f1f19f29a693861cd7cc23b72105e1bb3cfab8c9302df4e6b6554b24b92154e7e6ad99380245153019
-
SSDEEP
12288:b42ccDtTEnb8a87pmj89ccwt9tIAUYEMmOc:b4whInswj8Dw9PLc
Static task
static1
Behavioral task
behavioral1
Sample
933d8e7c40120f0c690249dbf2cab78013a482725323107d27f76f0880ce6864.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
-
-
Target
933d8e7c40120f0c690249dbf2cab78013a482725323107d27f76f0880ce6864.exe
-
Size
441KB
-
MD5
9ed1d7d5c099a29df7c61efac990f993
-
SHA1
6dcdf9afb1b8f11e646bd23ac7308e4c5c131529
-
SHA256
933d8e7c40120f0c690249dbf2cab78013a482725323107d27f76f0880ce6864
-
SHA512
fae77539f3f5e82ca7d9f2038e9c6125f91279a585b8dd292d824d1f0ecd9e4c0e0cd0f94155b91ca7ea9a7f9ed29f63b2c833344af8cd503d0ed30fe7bd60bf
-
SSDEEP
12288:5Mrzy90qrVyl1e5Qy5K6OMsSLo5fUAMvC6H:eyNxyG5QQD+SL2fJ8H
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-