General
Target: 58bf7456dd7f582f8bd46c7980750f5f1d0553f1ce6db7bf8f67772dacbfb34d
Size: 430KB
Sample: 241110-bn4lqavrby
MD5: 9fa018b4524a32b4ac0536679a900bce
SHA1: 0906751c74d9e8f9da8adc2b1fc8228cdf7186ef
SHA256: 58bf7456dd7f582f8bd46c7980750f5f1d0553f1ce6db7bf8f67772dacbfb34d
SHA512: 83129e810d80f8d7274d1dd04e1f28ae76105fe30102cd80ffeb95852d15b4e03a00c83348b268edf431addad4d7343255219e190f560cd114bf13506e158ffc
SSDEEP: 6144:Kly+bnr+Lp0yN90QEfGtL2+JwWQDRzqG9VuI3DLyu37j89OcRqH0ci6QrbFYgEft:3MrXy90lu6TtmGeIzD0OoqHGFYgWW7M
Static task: static1
Behavioral task: behavioral1
Sample: 58bf7456dd7f582f8bd46c7980750f5f1d0553f1ce6db7bf8f67772dacbfb34d.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value: f88f86755a528d4b25f6f3628c460965
Targets
Target: 58bf7456dd7f582f8bd46c7980750f5f1d0553f1ce6db7bf8f67772dacbfb34d
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application