General
Target: 0030d18037d926f7aa95557519ec48c0e5f282ecbf4902f742d769be4678d5bb
Size: 529KB
Sample: 241110-gvbgeatrdq
MD5: f911bb015238fdf677b5cbf742e77f3d
SHA1: c4222eefa35758049160a2419eca568eab06bdb6
SHA256: 0030d18037d926f7aa95557519ec48c0e5f282ecbf4902f742d769be4678d5bb
SHA512: 0043dea7d7eb88977806282ac6586b9fee3c39a522b5ed035b0e12c03ae95058c783c2078b3927c7595d5307d6a771cc37694bfa6f66db0bc2da6e411ae94e32
SSDEEP: 12288:UMrXy90AJzPVTDnysdkrn5/Uj9HRoRKvnagViOqfJB2RJAwW:byVRV3nymGn5sj9xoYSgVil2RBW
Static task: static1
Behavioral task: behavioral1
Sample: 0030d18037d926f7aa95557519ec48c0e5f282ecbf4902f742d769be4678d5bb.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
Family: redline
Botnet: ruma
C2: 193.233.20.13:4136
auth_value: 647d00dfaba082a4a30f383bca5d1a2a
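The extracted config above is what a defender actually consumes from this report: the file hashes identify the exact sample, and the C2 host:port is what a network sweep looks for. The following is an added example (not part of the sandbox report) that sanity-checks the hashes as copied, hashes a file the same way the report does, and scans connection-log lines for the C2 endpoint. The sample binary is not available here, so the file bytes and the flow-log lines are constructed stand-ins; only the hashes and the C2 value come from the report.

```python
"""IOC sweep built from this report's extracted RedLine config and file hashes.

Added example, not part of the sandbox report. The sample itself is not
available here, so the file bytes and connection log lines below are
constructed stand-ins; only the hashes and the C2 endpoint are taken from
the report.
"""
import hashlib
import re
from typing import Dict, Iterable, List, Tuple

# File hashes copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "f911bb015238fdf677b5cbf742e77f3d",
    "sha1": "c4222eefa35758049160a2419eca568eab06bdb6",
    "sha256": "0030d18037d926f7aa95557519ec48c0e5f282ecbf4902f742d769be4678d5bb",
    "sha512": (
        "0043dea7d7eb88977806282ac6586b9fee3c39a522b5ed035b0e12c03ae95058"
        "c783c2078b3927c7595d5307d6a771cc37694bfa6f66db0bc2da6e411ae94e32"
    ),
}

# C2 endpoint from the extracted config, as reported (host:port).
REPORT_C2 = "193.233.20.13:4136"


def validate_iocs(iocs: Dict[str, str] = REPORT_HASHES) -> List[str]:
    """Names of hashes whose length or alphabet is wrong for the algorithm.
    Catches copy/paste truncation before the IOCs are pushed to tooling."""
    bad = []
    for name, value in iocs.items():
        expected_len = hashlib.new(name).digest_size * 2
        if len(value) != expected_len or not re.fullmatch(r"[0-9a-fA-F]+", value):
            bad.append(name)
    return bad


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matching_hashes(data: bytes, iocs: Dict[str, str] = REPORT_HASHES) -> List[str]:
    """Names of report hashes that match `data`. An empty list means this file
    is not the analysed sample; a repacked variant will not match any of them."""
    computed = hash_bytes(data)
    return [name for name, value in iocs.items() if computed[name] == value.lower()]


def parse_c2(c2: str) -> Tuple[str, int]:
    """Split the report's host:port string into its parts."""
    host, port = c2.rsplit(":", 1)
    return host, int(port)


# Constructed flow-log format: "<ts> <src>:<sport> -> <dst>:<dport> <proto>".
FLOW_RE = re.compile(
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)"
)


def find_c2_hits(lines: Iterable[str], c2: str = REPORT_C2) -> List[str]:
    """Log lines whose destination is the report's C2 host AND port.
    Matching on both avoids noise if the host also serves other ports."""
    host, port = parse_c2(c2)
    hits = []
    for line in lines:
        m = FLOW_RE.search(line)
        if m and m.group("dst") == host and int(m.group("dport")) == port:
            hits.append(line)
    return hits


# Constructed sample log lines (not real telemetry); 198.51.100.0/24 is a
# documentation range used here as benign traffic.
SAMPLE_FLOWS = [
    "2024-11-10T09:15:01Z 10.0.0.5:49812 -> 193.233.20.13:4136 tcp",
    "2024-11-10T09:15:02Z 10.0.0.5:49813 -> 198.51.100.7:443 tcp",
    "2024-11-10T09:15:09Z 10.0.0.5:49814 -> 193.233.20.13:443 tcp",
    "2024-11-10T09:16:30Z 10.0.0.7:51000 -> 193.233.20.13:4136 tcp",
]

if __name__ == "__main__":
    print("bad IOCs:", validate_iocs())
    print("C2 hits:", find_c2_hits(SAMPLE_FLOWS))
    print("hash match on placeholder bytes:", matching_hashes(b"not the sample"))
```

Hash matches only confirm this exact build; RedLine is routinely repacked, so the C2 host:port and the auth_value are the indicators that survive across variants, and the network check is the one worth keeping in a detection rule.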
Targets
Target: 0030d18037d926f7aa95557519ec48c0e5f282ecbf4902f742d769be4678d5bb
Size: 529KB (MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application (persistence through a CurrentVersion\Run registry value)
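The last two signatures describe the persistence chain: a second executable is dropped, then a Run key is written so it starts at logon. A practical check on a suspect host is to export the Run keys and flag entries that point into user-writable directories, where dropped payloads land. The following is an added example and is not the sandbox's own signature logic; the .reg text is a constructed stand-in for `reg export` output, and the list of suspicious directories is an assumption to extend to taste.

```python
"""Flag Run-key autostart entries that point into user-writable directories.

Added example for the report's "Adds Run key to start application"
signature; it is not the sandbox's own signature logic. The .reg text below
is a constructed stand-in for `reg export` output of a Run key, and the
directory list is an assumption about where dropped payloads typically land.
"""
import re
from typing import List, Optional, Tuple

# Locations a legitimate autostart rarely lives in but a dropped EXE often does
# (assumption; compared case-insensitively against the command string).
SUSPICIOUS_DIRS = (
    "\\appdata\\local\\",
    "\\appdata\\roaming\\",
    "\\users\\public\\",
    "\\programdata\\",
    "\\windows\\temp\\",
)

# Run / RunOnce keys under HKCU or HKLM as they appear in a .reg export.
RUN_KEY_RE = re.compile(
    r"^\[(?P<key>HKEY_[A-Z_]+\\.*\\CurrentVersion\\Run(?:Once)?)\]$", re.IGNORECASE
)
# A string value line: "Name"="data" (data still carries .reg escaping).
REG_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')


def unescape_reg(data: str) -> str:
    # Minimal .reg unescaping: a doubled backslash is one backslash and an
    # escaped quote is a quote. Enough for command-line values.
    return data.replace("\\\\", "\\").replace('\\"', '"')


def parse_run_entries(reg_text: str) -> List[Tuple[str, str, str]]:
    """Return (key, value_name, command) for every string value under a Run key."""
    entries: List[Tuple[str, str, str]] = []
    current_key: Optional[str] = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = RUN_KEY_RE.match(line)
            current_key = m.group("key") if m else None  # ignore non-Run keys
            continue
        if current_key is None:
            continue
        m = REG_VALUE_RE.match(line)
        if m:
            entries.append((current_key, m.group("name"), unescape_reg(m.group("data"))))
    return entries


def flag_suspicious(entries: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Entries whose command path contains one of SUSPICIOUS_DIRS."""
    flagged = []
    for key, name, command in entries:
        lowered = command.lower()
        if any(d in lowered for d in SUSPICIOUS_DIRS):
            flagged.append((key, name, command))
    return flagged


# Constructed export (not from the analysed host): one legitimate entry and
# one pointing at a dropped executable under AppData\Roaming.
CONSTRUCTED_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\alice\\AppData\\Roaming\\svchost.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ShellState"=hex:24,00,00,00
'''

if __name__ == "__main__":
    for key, name, command in flag_suspicious(parse_run_entries(CONSTRUCTED_REG)):
        print(f"suspicious autostart: {key} :: {name} -> {command}")
```

Pair the flagged path with the hash check from the sweep above it or with a fresh sandbox submission; a Run value named after a system binary (`svchost.exe` outside `System32`) but living under a user profile is the pattern this family's dropper leaves behind.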