General

Target: 1938941ebd0deee712fe1d12346887e342521e0589d0777e277a7b7636ce1adc
Size: 770KB
Sample: 241109-fehp4sxhql
MD5: d601f90f88eab3075090a023267585ce
SHA1: c126dc785df1c0cbf13dc93aa90b875a0a392ccc
SHA256: 1938941ebd0deee712fe1d12346887e342521e0589d0777e277a7b7636ce1adc
SHA512: 25f467b2e820acb0e2a7d6f27985759a22a3ad925489ebd6c5f686450adcaa416ee6a5e5eed13b3b4b69115d3e89b9e79b275dea68f3117a5980ca4bc035ca62
SSDEEP: 24576:pykbZIAHMPSpNHlGFZXqQlvZT22lVEsYhUO:c8eAHMQNlGFZXqYvNBy
Static task: static1
Behavioral task: behavioral1
Sample: 1938941ebd0deee712fe1d12346887e342521e0589d0777e277a7b7636ce1adc.exe
Resource: win10v2004-20241007-en
Malware Config

Extracted
Family: redline
Botnet: mixa
C2: 185.161.248.75:4132
auth_value: 9d14534b25ac495ab25b59800acf3bb2
Targets

Target: 1938941ebd0deee712fe1d12346887e342521e0589d0777e277a7b7636ce1adc
Size: 770KB
MD5: d601f90f88eab3075090a023267585ce
SHA1: c126dc785df1c0cbf13dc93aa90b875a0a392ccc
SHA256: 1938941ebd0deee712fe1d12346887e342521e0589d0777e277a7b7636ce1adc
SHA512: 25f467b2e820acb0e2a7d6f27985759a22a3ad925489ebd6c5f686450adcaa416ee6a5e5eed13b3b4b69115d3e89b9e79b275dea68f3117a5980ca4bc035ca62
SSDEEP: 24576:pykbZIAHMPSpNHlGFZXqQlvZT22lVEsYhUO:c8eAHMQNlGFZXqYvNBy

- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1