General
Target: 2609b4935ebc015595cc246bdbb19d3aac2e76d5838b6a5920c01242132b6b67
Size: 441KB
Sample: 241110-awwemswbkc
MD5: 1a29ccf676fcbe2b34ba604d1503bb45
SHA1: fefe05fb8e43dff9d1f0bb7d2a681914e476a3bb
SHA256: 2609b4935ebc015595cc246bdbb19d3aac2e76d5838b6a5920c01242132b6b67
SHA512: ed71ef5413a7cc651f2cff5bd3674dfc995cf79b7214feb973ed211428e30254a5ea56488de7da8f772c229a79676da5b4e2a649c7e3f72078a7233b90ddf8aa
SSDEEP: 12288:tMr7y90XrVyl1e5Qy5K6OMsSLo5fUAMvWpb:qy4xyG5QQD+SL2fJXb
Static task: static1
Behavioral task: behavioral1
Sample: 2609b4935ebc015595cc246bdbb19d3aac2e76d5838b6a5920c01242132b6b67.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ramon
193.233.20.23:4123
auth_value: 3197576965d9513f115338c233015b40
Targets
Target: 2609b4935ebc015595cc246bdbb19d3aac2e76d5838b6a5920c01242132b6b67
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application