General
-
Target
3578238d70553956da01130654d0403d9fac821ccd3a18778c245bc417183f8e
-
Size
529KB
-
Sample
241110-rl5zrsyejb
-
MD5
b501ab8cc1d013086422978d0a1756e4
-
SHA1
0bf5a2935bf242533ca331e5d05e4570d988bf73
-
SHA256
3578238d70553956da01130654d0403d9fac821ccd3a18778c245bc417183f8e
-
SHA512
c0b6101069bb6cada887f453ce119277ea1a93a7465a38f9f16d98f3b81023ea1f1b780b3acfe3f140bf22a56b7d603a6179d5126b81386f9bf73198d60a7f83
-
SSDEEP
12288:rMrey9077bSCASPht1lkeoOytA7Jv2DBL3y7CJnPzPsCnp4lqU8:5yOuKroTL3y7SPpI8
Static task
static1
Behavioral task
behavioral1
Sample
3578238d70553956da01130654d0403d9fac821ccd3a18778c245bc417183f8e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ruma
193.233.20.13:4136
-
auth_value
647d00dfaba082a4a30f383bca5d1a2a
Targets
Target
3578238d70553956da01130654d0403d9fac821ccd3a18778c245bc417183f8e
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-