General
- Target: bba709ecd8c6785abdd28d7121f0b3b588d4d40fe5157e5515a6733058708853
- Size: 716KB
- Sample: 241111-btvwrsymfx
- MD5: efccf4ec2e228841a2c288647f687c96
- SHA1: c811af3663117099536c79d927770a3f263f6d0b
- SHA256: bba709ecd8c6785abdd28d7121f0b3b588d4d40fe5157e5515a6733058708853
- SHA512: c560c2919af24ab164524085b43ddb0c21d7be9cd68388b8c4aaf7395f3a35df290e65a625a0645bd624f4bdd77726b33d373166b5ba65488fc0673e9484e4e2
- SSDEEP: 12288:9McK5a8Ra8NRiWBe4B83o/vVcgGQXB1+bddWKAmfXfUQbcs8rcmHaEs:ScK5phNZ/+uCghWhf/sQyZ8
Static task: static1

Behavioral task: behavioral1
- Sample: dca38093bc51d165acf5754982d66fe28509c85d65492d8428a240e1f85df435.exe
- Resource: win10v2004-20241007-en

Malware Config
Extracted:
- redline
- romik
- 193.233.20.12:4132
- auth_value: 8fb78d2889ba0ca42678b59b884e88ff
Targets
- Target: dca38093bc51d165acf5754982d66fe28509c85d65492d8428a240e1f85df435.exe
- Size: 767KB
- MD5: 83082232e13c9d8c4bdf53250665f2ed
- SHA1: ccb6e6406d2d09fc1e81cf247eec2ef7334c218d
- SHA256: dca38093bc51d165acf5754982d66fe28509c85d65492d8428a240e1f85df435
- SHA512: 0c78d52c7cfadae1899864802b3f52564dc2fa055d8f44499dfac8e1010933b10c789e92a3761097a4aba7588f25330093a44e733b49b31c2ea8ea003f2aeafb
- SSDEEP: 12288:cMrcy90+zgGidfPtVnYqKlvNAE5tUOetsKd4UTRta7/ChiM9wsYyIYSl3:Iy7zENW5jHRKhiMJa
Score: 10/10

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application