General
-
Target
bba2913b65b504ef6fb7103b5362b5c2af952d69f254a3cbf91f34745c8f4ca3
-
Size
739KB
-
Sample
241110-qdbkhswqgy
-
MD5
c3024b81b42077d639af67b232da1edb
-
SHA1
327079402579055ba6a78f1caea5d14b256923b6
-
SHA256
bba2913b65b504ef6fb7103b5362b5c2af952d69f254a3cbf91f34745c8f4ca3
-
SHA512
21441bce0504f16dfee8202ab1fb238c03ecc63632f6d2246adfb1ecc41572d8dd214d58a8d2394a67162fb81503f4efb85b530155826f1639dc8f4f20049f21
-
SSDEEP
12288:lMr7y90yfzuNdSrprnPuB/b5FNshfM0OEU2tKyrQ+mvBB626LTaFn:qyvYeW/bLNshfM0OEL4yev63in
Static task
static1
Behavioral task
behavioral1
Sample
bba2913b65b504ef6fb7103b5362b5c2af952d69f254a3cbf91f34745c8f4ca3.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
-
-
Target
bba2913b65b504ef6fb7103b5362b5c2af952d69f254a3cbf91f34745c8f4ca3
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-