General
-
Target
e083ff24e50534beaa8ecc5c15c3216d00d1f8930a2b4947c82e4f7febfc28a3
-
Size
429KB
-
Sample
241109-yk6y1a1cmn
-
MD5
c26f72511ef097b796acd51a786b39b0
-
SHA1
df713cbc62c32f139ba8ae2befafe4e53e21a5f4
-
SHA256
e083ff24e50534beaa8ecc5c15c3216d00d1f8930a2b4947c82e4f7febfc28a3
-
SHA512
78ab3503eb0698485804377177a15be0b17365e89fa18eb46173afee831bc9de22e32f9d7a9015c3af0c03fada3fbfef0870f41eef685e8edfb709ab9e486ac6
-
SSDEEP
6144:Kly+bnr+2p0yN90QErhZYwU21MEImBW5ZMUT/RIamEBeI2puLOPZxsn0cuthEl:fMray90/ZS2iEImKT/kEBe+LOvNtK
Static task
static1
Behavioral task
behavioral1
Sample
e083ff24e50534beaa8ecc5c15c3216d00d1f8930a2b4947c82e4f7febfc28a3.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
-
auth_value
f88f86755a528d4b25f6f3628c460965
Targets
-
-
Target
e083ff24e50534beaa8ecc5c15c3216d00d1f8930a2b4947c82e4f7febfc28a3
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-