General
Target: 21012c56f82c8dc191a842adf8c1f382379d7ff7c6237d370414b2ccb037922b
Size: 440KB
Sample: 241110-br7sjswerk
MD5: c42c796ed1652bf01fbeb1b58a6e1ded
SHA1: 833182278489bc9e0d60557f869d69ca1805e360
SHA256: 21012c56f82c8dc191a842adf8c1f382379d7ff7c6237d370414b2ccb037922b
SHA512: 5ac70a7764356617ea700069f8a6f176d6ee1e49ddf115590933dad1da41e5bb07ae542c3140d860918f62b4da9663137fdb78b754bc5cfb1ec68845009b2940
SSDEEP: 12288:2Mrqy90r1d4H1yJY2t24d7gh8E1Y3/FGnr:8y634V0YQd7gKE1y/G
Static task: static1
Behavioral task: behavioral1
Sample: 21012c56f82c8dc191a842adf8c1f382379d7ff7c6237d370414b2ccb037922b.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
ronur
193.233.20.20:4134
auth_value: f88f86755a528d4b25f6f3628c460965
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application