General
Target: 942685baa59a3b5a00559c73b47442e771ee6f035614c955a2a3aa5c484dacf9N.exe
Size: 839KB
Sample: 241110-zvn2lsvekl
MD5: 4ae979d22274053a735c515f9110c7dd
SHA1: 1dd997c238d5c2dd462d32fd98e112623a708282
SHA256: b44a2c750ac318d738a575e679403fb6f4171de8f985d7bc9f2ae9956ca74494
SHA512: 21b453c826e71de2194f68625bf7e99e318247d17a7ee84076a7bd977b5c1078bd9bbd412ddae8dc21adbf864ead5f77a27848945ba9dae7f8a5c43e1b376aa4
SSDEEP: 12288:LMr9y90XvVXqdFlfGwvVnfrD1hYqx54DW10TrwfTxZn/U3hZGsOL2Q9+RDCab9:2y+VopZhfrjZOc9Z/ShYB+RDCab9
Static task: static1
Behavioral task: behavioral1
Sample: 942685baa59a3b5a00559c73b47442e771ee6f035614c955a2a3aa5c484dacf9N.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
romik
193.233.20.12:4132
auth_value: 8fb78d2889ba0ca42678b59b884e88ff
Targets
Target: 942685baa59a3b5a00559c73b47442e771ee6f035614c955a2a3aa5c484dacf9N.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application