General
-
Target
0c7c7f1cc618815f800bdc3d761266d596cee694841d42d8fbdfa72bf7e8a988N
-
Size
441KB
-
Sample
241109-z553wa1qc1
-
MD5
ba91fb8be1b82abf788fbd717a53de90
-
SHA1
e242bca1b798d35fec3f4b67925b629762f9c127
-
SHA256
0c7c7f1cc618815f800bdc3d761266d596cee694841d42d8fbdfa72bf7e8a988
-
SHA512
eb269e953cb95dc5059d11f7110330ea9258f487a926f24cb2cc4fccd8cf5a893822847c736d351b7a6852a2866236173638b45b8361bcc8e9da8ea518360fc2
-
SSDEEP
6144:Kcy+bnr+Np0yN90QEMSQiX1gw6SXi3Nh2cKMWBSJwl/7MF6bgIGn10aqJ6F3zFdZ:UMr1y90l/B6qi31j4ew1A8S+w9LZ
Static task
static1
Behavioral task
behavioral1
Sample
0c7c7f1cc618815f800bdc3d761266d596cee694841d42d8fbdfa72bf7e8a988N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
-
auth_value
3197576965d9513f115338c233015b40
Targets
-
-
Target
0c7c7f1cc618815f800bdc3d761266d596cee694841d42d8fbdfa72bf7e8a988N
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-