General
Target
d55d969b12ded7ed6185dc1c6e25ec34ea0486a7469c071164289cf38edd8182
Size
584KB
Sample
241109-yjsd8a1cpa
MD5
301a956c29bbf9b736e8dba344060a74
SHA1
240407f7ce5feb581e9e43867dae13954277556f
SHA256
d55d969b12ded7ed6185dc1c6e25ec34ea0486a7469c071164289cf38edd8182
SHA512
fcb66a00baa482027bca287b193cdde45e0b2ad8742cc97b73820b6e619038595a82b54966fcccb598171dfbe3ebb1da4df9e3ba7ff72c132e2c08ac0f180879
SSDEEP
12288:MMrmy90lgoPPkIOlhObmcSxkLw4o3hIPNGP1MRjT:Sy2cIOCbpRo3MNGdMR
Static task
static1
Behavioral task
behavioral1
Sample
d55d969b12ded7ed6185dc1c6e25ec34ea0486a7469c071164289cf38edd8182.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronam
193.233.20.17:4139
auth_value
125421d19d14dd7fd211bc7f6d4aea6c
Targets
Target
d55d969b12ded7ed6185dc1c6e25ec34ea0486a7469c071164289cf38edd8182
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application