General
-
Target
5c64d763c7f4f23377fd63425bdee73c95d23c585a22ec6f77825def3bd43608
-
Size
585KB
-
Sample
241109-m9wzjssmdw
-
MD5
559d2676b5d2bcd3feaa9513ce6bcaee
-
SHA1
57b13731be11a21dfe3694f3fe405bd7177eb8c9
-
SHA256
5c64d763c7f4f23377fd63425bdee73c95d23c585a22ec6f77825def3bd43608
-
SHA512
42328a9e34f1767e4c0c2ee1d3024284cd05ea445dfcff625ed7d2a9c5a141db7b88b84f82fb3e17b5d3a692e4e2ec84fa4d760518c0f0b32bb7edb2f828f6da
-
SSDEEP
12288:BMryy90rgZ/Wr3GWYX3E4p316TMExTOqbTa3IhS:Ly6Qc3GNX3EsAxTOqqZ
Static task
static1
Behavioral task
behavioral1
Sample
5c64d763c7f4f23377fd63425bdee73c95d23c585a22ec6f77825def3bd43608.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
-
-
Target
5c64d763c7f4f23377fd63425bdee73c95d23c585a22ec6f77825def3bd43608
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-