General

Target: 28bf52b600e2cba2d16ffc15d4195a8a689b58f6c83e995c842b163f20495fc1
Size: 838KB
Sample: 241111-anv4xa1pdr
MD5: 0f5310738546334d7d8685d61e47bcb9
SHA1: 53e77d87623b29e388a6241466f857ebe706a64e
SHA256: 28bf52b600e2cba2d16ffc15d4195a8a689b58f6c83e995c842b163f20495fc1
SHA512: 69f8a9672cc0e9c7d7f46fe2070866deba00e3c5ba1ab6551fd2661d5f35c90da7f2a2383656649492ffaaef5a3b9fd01a8d2620dbfbf91a02e551b4b91aef83
SSDEEP: 12288:oMroy90+bb5ZcUWwU1/9Qe9snshxOMl3qmDHgIsEKw2Bpl4hU3TQDtlgVW:gylbbjdWRWe2shom3qSAIsEK14S2lP
Static task: static1
Behavioral task: behavioral1
Sample: 28bf52b600e2cba2d16ffc15d4195a8a689b58f6c83e995c842b163f20495fc1.exe
Resource: win10v2004-20241007-en
Malware Config

Extracted: redline
Botnet: romik
C2: 193.233.20.12:4132
auth_value: 8fb78d2889ba0ca42678b59b884e88ff
Targets

Target: 28bf52b600e2cba2d16ffc15d4195a8a689b58f6c83e995c842b163f20495fc1
Size: 838KB
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Signatures:
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application