General
-
Target
972100c23a5a0b1fc65e114f2809b70e611ffbd450fd7d3455da6f4dc525b660
-
Size
437KB
-
Sample
241109-xt4pkazjd1
-
MD5
f20abdc76bdfae2031682b2bc0bf5f67
-
SHA1
2526b2e3c15de16a42415a2393454e2132156a76
-
SHA256
972100c23a5a0b1fc65e114f2809b70e611ffbd450fd7d3455da6f4dc525b660
-
SHA512
22becae0634d4fa958723b271da64c84bb4e5be99200998322cf33e97d8da319046172c2d161acca21754aa9d12cede7748c608ff3e85ea2ffed3a6bb5f30bf6
-
SSDEEP
6144:K1y+bnr+fp0yN90QEX4HW7uwpcqItfoaeKyimC9tPlSljhaqDQ7DTKSIhLlwhHcL:3MrDy90Fujqk9yVNeqDECSM+I
Static task
static1
Behavioral task
behavioral1
Sample
972100c23a5a0b1fc65e114f2809b70e611ffbd450fd7d3455da6f4dc525b660.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
-
-
Target
972100c23a5a0b1fc65e114f2809b70e611ffbd450fd7d3455da6f4dc525b660
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-