General
- Target: 5c2b2bc993b23e09493c737ca37a70f9cb5ffac5bceb6f5c04766eb569d4a7b5
- Size: 772KB
- Sample: 241109-fddd1axhnl
- MD5: 33247f9be20dab980780cac6b359d369
- SHA1: 76290e3c798468445f6cf1f55c5c3f56025d4c3a
- SHA256: 5c2b2bc993b23e09493c737ca37a70f9cb5ffac5bceb6f5c04766eb569d4a7b5
- SHA512: 4aa5aa324c4550d395d6874baff7d7697e7594cbdf21394df0196e679207bd40a0a68434a6f28b993ca6134f0829ff556c994f3294351cb6f6db10dadc825906
- SSDEEP: 24576:6yIH4yuVkSUJbjBKLp2BRvAavCuTpE5jt:By49VkS6bjksvCu+5
Static task: static1
Behavioral task: behavioral1
- Sample: 5c2b2bc993b23e09493c737ca37a70f9cb5ffac5bceb6f5c04766eb569d4a7b5.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
- redline
- dubur
- 217.196.96.102:4132
- auth_value: 32d04179aa1e8d655d2d80c21f99de41
Targets
- Target: 5c2b2bc993b23e09493c737ca37a70f9cb5ffac5bceb6f5c04766eb569d4a7b5
- Size: 772KB
- MD5: 33247f9be20dab980780cac6b359d369
- SHA1: 76290e3c798468445f6cf1f55c5c3f56025d4c3a
- SHA256: 5c2b2bc993b23e09493c737ca37a70f9cb5ffac5bceb6f5c04766eb569d4a7b5
- SHA512: 4aa5aa324c4550d395d6874baff7d7697e7594cbdf21394df0196e679207bd40a0a68434a6f28b993ca6134f0829ff556c994f3294351cb6f6db10dadc825906
- SSDEEP: 24576:6yIH4yuVkSUJbjBKLp2BRvAavCuTpE5jt:By49VkS6bjksvCu+5
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)