General
-
Target
e5a898c269aa283ca34a3c83b00e8e6566fd45a9966d930f3bb5d933ebb2c867
-
Size
739KB
-
Sample
241109-yt9fgs1drq
-
MD5
b75eb3e10ed0ddb4572bc8224fc7cf51
-
SHA1
7ddde05fec0185650737b4bb79cc99436d6d7682
-
SHA256
e5a898c269aa283ca34a3c83b00e8e6566fd45a9966d930f3bb5d933ebb2c867
-
SHA512
f45bb9dae121af24bf4f1004902bc6d81490ddad96c49a6d5e9f78f699ca961a1bc5e4134bf0106eb43b0dec6beba24e096db03705dd4e7e73d0f15253d783ee
-
SSDEEP
12288:uMr7y90G8+aBxjurXISEJ1/1s/CYLwy2PBDgy7FJnPzdsCnMuhHq+Kc7/wqS/YoH:ly7MBxjl931s/CYuDgy7jpMut7nTk
Static task
static1
Behavioral task
behavioral1
Sample
e5a898c269aa283ca34a3c83b00e8e6566fd45a9966d930f3bb5d933ebb2c867.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-