General
-
Target
51f84d75db8446c865d0eae9a5de8d569fa156b1741c8d5f3e20c332dfbd21e2
-
Size
529KB
-
Sample
241110-q5vsgaxhkj
-
MD5
c313a2b6d91b9adaabdca116daaf208d
-
SHA1
405ef082d1fbbc5bb71de1d9f4a1d6b2261c36b8
-
SHA256
51f84d75db8446c865d0eae9a5de8d569fa156b1741c8d5f3e20c332dfbd21e2
-
SHA512
2e9cc659a75a70f1a913f84730159f3336c65b2431440ca6487b13ab1b34bbae57bbadcdf3b1e951919cdc723fe1a904329feaad2409eef762445eced1323ca6
-
SSDEEP
12288:5MrLy90sQjl8XuS+g4vrZR7x+2HrQS9Hbo7KvnagVaOqfJB2lJAsg:Gy0WuZg4TAVS97o2SgVal2lFg
Static task
static1
Behavioral task
behavioral1
Sample
51f84d75db8446c865d0eae9a5de8d569fa156b1741c8d5f3e20c332dfbd21e2.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-