General
-
Target
c5644cb1c1fc41b46456e5855d7301c106563bbbb8300882b08ec29e5827365eN
-
Size
447KB
-
Sample
241110-bxn8dswjhs
-
MD5
1423fbd385a7b4be033bbe728b04b600
-
SHA1
548a4fcbe7956fc6f718dc11681d417104bc5929
-
SHA256
c5644cb1c1fc41b46456e5855d7301c106563bbbb8300882b08ec29e5827365e
-
SHA512
f23b9a3565d1c07d740bb8cd82a809376b68995a48eea1184e24a3e52bce9681252353487ca215cb38188ae598a97a857730f6d77777c1255b41885eeb8e17cf
-
SSDEEP
6144:Kay+bnr+qp0yN90QEbd7Tif7yhfc1dSJoqrL8lJFleamcTIvSfY/7BRoV4Du:qMrmy90nG+/JoqElJFlzmCISQ/FR0f
Static task
static1
Behavioral task
behavioral1
Sample
c5644cb1c1fc41b46456e5855d7301c106563bbbb8300882b08ec29e5827365eN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ronam
193.233.20.17:4139
-
auth_value
125421d19d14dd7fd211bc7f6d4aea6c
Targets
-
-
Target
c5644cb1c1fc41b46456e5855d7301c106563bbbb8300882b08ec29e5827365eN
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-