General
-
Target
653476dd6689f2f83044da03ac86e2815a72fc612dc1a938525ba0f3cb9d2f35
-
Size
424KB
-
Sample
241109-y5r1ks1jas
-
MD5
9e26bd3286cec099688156631bc48928
-
SHA1
41c4f316a784aa96272b9d242bdcab6ed626d8b3
-
SHA256
653476dd6689f2f83044da03ac86e2815a72fc612dc1a938525ba0f3cb9d2f35
-
SHA512
a0a85ff1f49c1571531750233dc58fe545ecf054ce56f0360f67ac293dc115f7a5d341400a8889a2b118e84aacc4109ebe50c4759ba95eb844e25a2e63682f06
-
SSDEEP
6144:Kiy+bnr+6p0yN90QEXaZK+Ql1+bXhpZ+CMr8zly1Trhj6Ff2I+fhtY5Qyzb5Nv7:GMr6y90J0iGhprMwzly5V8YAzzFNv7
Static task
static1
Behavioral task
behavioral1
Sample
653476dd6689f2f83044da03ac86e2815a72fc612dc1a938525ba0f3cb9d2f35.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-