General
Target: be39480e8f78cc38960853590e7873e15501ff0aaa0d831b143173a63e583a37
Size: 583KB
Sample: 241109-m39l3aslds
MD5: 0d7910815498fe885c669c0729f2c212
SHA1: f3d347d49671d01382ca1a8e3959c0c021d3478a
SHA256: be39480e8f78cc38960853590e7873e15501ff0aaa0d831b143173a63e583a37
SHA512: 05111f0f4dc39a5dfaa3c824dfa5d2a479e903e53929d7044dc3b19c50855d0fa06f8a010f80a329943eaacddf440d5ff3e3ba402ea538f038e7ecf6cce0269b
SSDEEP: 12288:IMrxy90NUGBgl0zcN16ItRuKPWpDdmwmwYy0u70Goyr6TMgG53SX:ZycBg1r6IbTutdJYyh70Go8d53SX
Static task: static1
Behavioral task: behavioral1
Sample: be39480e8f78cc38960853590e7873e15501ff0aaa0d831b143173a63e583a37.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value: f88f86755a528d4b25f6f3628c460965
Targets
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application