General
-
Target
5381d67261df3ec016581fe7002c71aa75ba9a8b6e549587a7d556538d9b0ed3N.exe
-
Size
539KB
-
Sample
241110-3nxa7axjdz
-
MD5
58c157e85d4133194d15a59df776e5e5
-
SHA1
468a407609c018fd41cd5f908ee72d61d41dcb31
-
SHA256
5160818fd9a7356b4d02471a4dc2511a7741e82d8fb49936bbae45b71b1b8279
-
SHA512
5793666e862a21e362944b7049ab93495340c5603cb6c812da5c1341231205718af597d2b802346fb7ff91dfc11f88e1dea8b0f338930577d2ab3adeb7233426
-
SSDEEP
12288:bMrny90BmkZgQAJOBoKFqNhqNtPD6QyopnHcIQQKW:0yNkZgQpGKVP+QXYQKW
Static task
static1
Behavioral task
behavioral1
Sample
5381d67261df3ec016581fe7002c71aa75ba9a8b6e549587a7d556538d9b0ed3N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
-
-
Target
5381d67261df3ec016581fe7002c71aa75ba9a8b6e549587a7d556538d9b0ed3N.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-