General
-
Target
70c9e07576d0afc522ad7bf88c7b9839e045e76143453b6a94cbedc3bcbc5181
-
Size
565KB
-
Sample
241109-3amvlaxkfl
-
MD5
af485ddf53e784f6ad343763402f4936
-
SHA1
bd771976558f701c3b4299a80ba3813bf4c61d5c
-
SHA256
70c9e07576d0afc522ad7bf88c7b9839e045e76143453b6a94cbedc3bcbc5181
-
SHA512
28835b5116f81f2c69f2031e9b6d5f2bb5e82cceb4176741b21f098161cb938f3d98f5506b9f1b1b22a28d1a86fe0ccbcb77c8a993ba23a0436c7b5d613d8eec
-
SSDEEP
12288:JMrny90225fVR1TXT6Snl4x9wJ2v/cb6Hi/DE0WhkYm2T:myFcV31l4x8O/46CI6n2T
Static task
static1
Behavioral task
behavioral1
Sample
70c9e07576d0afc522ad7bf88c7b9839e045e76143453b6a94cbedc3bcbc5181.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
Target
70c9e07576d0afc522ad7bf88c7b9839e045e76143453b6a94cbedc3bcbc5181
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-