General
Target: 0979d7997b9026ef9ed87960775fb56db446e6d1ae2d720033e88f39abcbae4f
Size: 592KB
Sample: 241109-yv5hxs1ekn
MD5: 4afa146eaeef54fa7c5f202587ec6f7c
SHA1: 51f63d09acbd1253f7812efd6513aada2edc549b
SHA256: 0979d7997b9026ef9ed87960775fb56db446e6d1ae2d720033e88f39abcbae4f
SHA512: 1018b8e31509d94696eec8642f43027208cc11d087fce3cdc886de41074c5baf6f4a29619b31088fd2988682805773bf2f3dce1cdc973e80e848ea8edc77e815
SSDEEP: 12288:/Mr0y90aIWUdgBIVK4BtSDb1YSUooJJlJFlxtCGSQ/QRdoIuwWo:LyVIXnVzSDpsooJJlNxtCGrGhuto
Static task: static1
Behavioral task: behavioral1
Sample: 0979d7997b9026ef9ed87960775fb56db446e6d1ae2d720033e88f39abcbae4f.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronam
193.233.20.17:4139
auth_value: 125421d19d14dd7fd211bc7f6d4aea6c
Targets
Target: 0979d7997b9026ef9ed87960775fb56db446e6d1ae2d720033e88f39abcbae4f
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application