General
-
Target
31cbf2c21cb7b7d3f5df1d011da7b335cd6cf9b778846e54a16ceb76f1be542a
-
Size
431KB
-
Sample
241109-ma3ytaserk
-
MD5
198d336f53e89124c263071a2653c80b
-
SHA1
adcea9c0a0a39994367191d60c32e1e86a3d4203
-
SHA256
31cbf2c21cb7b7d3f5df1d011da7b335cd6cf9b778846e54a16ceb76f1be542a
-
SHA512
9ffa0bbfdf8ebfe77e917e7cd8fc676ea6784e84bbe18db709d7c55526cb69673b21c43abdb4e2cdc216e07190950c928cf089c5a55e2457ed9246656c525394
-
SSDEEP
6144:Kqy+bnr+dp0yN90QEXooBH8o9+vzM8Fc5Nx61gyyQ2RolKBKODe34++rs:GMrty90mvn1gyyQWqUKA++I
Static task
static1
Behavioral task
behavioral1
Sample
31cbf2c21cb7b7d3f5df1d011da7b335cd6cf9b778846e54a16ceb76f1be542a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
-
-
Target
31cbf2c21cb7b7d3f5df1d011da7b335cd6cf9b778846e54a16ceb76f1be542a
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-