General
Target: b35ab225042c1fde5c4b4a1b02e3777cd95721cc9ee97a31c6fd088807db1abd
Size: 429KB
Sample: 241109-x4bfrszkh1
MD5: b60c89da78422dff713b324212f2913b
SHA1: af489d8df8df24f382573f8099595c9b419a8a86
SHA256: b35ab225042c1fde5c4b4a1b02e3777cd95721cc9ee97a31c6fd088807db1abd
SHA512: e8c650931ffacf0dda92eeecc921a19fed43d752168ff72a1a93d6aeda2ce0c9c3f38de665885471c74b81ed81d7972062ded81c883ca03b4509bc49adf981d3
SSDEEP: 6144:K6y+bnr+up0yN90QE5hZYwU21MEImBW5ZMUT/RIamEBeI2puLOVDta2MYfk:yMriy90pZS2iEImKT/kEBe+LOVxa/f
Static task: static1
Behavioral task: behavioral1
Sample: b35ab225042c1fde5c4b4a1b02e3777cd95721cc9ee97a31c6fd088807db1abd.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value: f88f86755a528d4b25f6f3628c460965
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application