General
-
Target
9fe5aa3009fc9988e73285365c7251f1c1e8c7b9c044bcf0c480c4c9a25dc6a5
-
Size
440KB
-
Sample
241109-m63mxswlfp
-
MD5
0ac224ce4d54d0dec2c1e2ad824ce852
-
SHA1
72f2c51fe5cc43acb9a28432d9c4a8350dfc017f
-
SHA256
9fe5aa3009fc9988e73285365c7251f1c1e8c7b9c044bcf0c480c4c9a25dc6a5
-
SHA512
45ad3675acf61d292501b2d3a350c3ef773c9464aeed89cf1b7aa335ac980b5c54d0579267e80dfdb42f8c89d66a72a2c512f8b40c484708830c2fd41da9732b
-
SSDEEP
6144:K2y+bnr+wp0yN90QESETKwHHhtW5OSD7N75zZwKWFaBKmMDgGTgYzlH1/w:OMrsy90aQBtgHjNW9gw1zlHZw
Static task
static1
Behavioral task
behavioral1
Sample
9fe5aa3009fc9988e73285365c7251f1c1e8c7b9c044bcf0c480c4c9a25dc6a5.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
Target
9fe5aa3009fc9988e73285365c7251f1c1e8c7b9c044bcf0c480c4c9a25dc6a5
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-