General
-
Target
389dfcfd0f29b4ac0e63984f1fdd3d92b406262f185068b850ac96d3c8d9c862
-
Size
758KB
-
Sample
241110-y184asxmdm
-
MD5
7617ef32ed1522b54fe29aa083c59384
-
SHA1
5c1f53bcc884f323a637157eaf6d85c1aa6772de
-
SHA256
389dfcfd0f29b4ac0e63984f1fdd3d92b406262f185068b850ac96d3c8d9c862
-
SHA512
062e31a89f0c27a24692f39d7d1b0481d5a395ecc62c2a5a144e4390f9653b6d815d47efd2f186beb34a8c7d816be4b6260a739ddbec35eeb273f810c1df56bc
-
SSDEEP
12288:6Mrsy90fqxCNAnNwVavHCC0TbkQIowvzK44VyNzsaXls0EMPozhX55Hh:uylx3nNoavHCC06ov49w4PshX55B
Static task
static1
Behavioral task
behavioral1
Sample
389dfcfd0f29b4ac0e63984f1fdd3d92b406262f185068b850ac96d3c8d9c862.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
-
auth_value
8fb78d2889ba0ca42678b59b884e88ff
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-