General

Target: 37c67f654570fc0738eaba5d70ec032d1375c28a3da921590e7b82adb56db51c
Size: 1.1MB
Sample: 241109-xpk2nasqem
MD5: 4000b057b027ff5ad253c875022dc813
SHA1: 1add97da0f85533662dc0d4ca62134eb4d4c90cd
SHA256: 37c67f654570fc0738eaba5d70ec032d1375c28a3da921590e7b82adb56db51c
SHA512: 99d46bb41196020e57132d4d0b301727600c200166e30721088d01bd53beec9d31043ee7a1e0261c525692223e47ad5ea8dacf28fede5231aeccd8c6af589115
SSDEEP: 24576:FyvXyzjB72Fk8kF//O4XcSRiPkNPJ3FIWid4NgU4:gvXyZ72Fk8kNNsSRicNPJ3FIWia1
Static task: static1
Behavioral task: behavioral1
Sample: 37c67f654570fc0738eaba5d70ec032d1375c28a3da921590e7b82adb56db51c.exe
Resource: win10v2004-20241007-en
Malware Config (extracted)

Family: redline
masta
185.161.248.75:4132
auth_value: 57f23b6b74d0f680c5a0c8ac9f52bd75
Targets

Target: 37c67f654570fc0738eaba5d70ec032d1375c28a3da921590e7b82adb56db51c
Size: 1.1MB
MD5: 4000b057b027ff5ad253c875022dc813
SHA1: 1add97da0f85533662dc0d4ca62134eb4d4c90cd
SHA256: 37c67f654570fc0738eaba5d70ec032d1375c28a3da921590e7b82adb56db51c
SHA512: 99d46bb41196020e57132d4d0b301727600c200166e30721088d01bd53beec9d31043ee7a1e0261c525692223e47ad5ea8dacf28fede5231aeccd8c6af589115
SSDEEP: 24576:FyvXyzjB72Fk8kF//O4XcSRiPkNPJ3FIWid4NgU4:gvXyZ72Fk8kNNsSRicNPJ3FIWia1
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)